Picture illustration. (REUTERS/Pawel Kopczynski)
There's a new piece of mobile ransomware hitting Android users, but giving in to its demands won't help. In a novel twist, LockerPIN locks users out of their phones by randomizing their PIN codes; even if you pay, the criminals behind the malware can't unlock your device.
The Bratislava, Slovakia-based antivirus firm ESET announced the discovery of LockerPIN Sept. 10, and the new malware attacks users through -- you guessed it -- an adult entertainment app. The app in question is called Porn Droid, and it's the second of its kind we've reported on this week, following one called Adult Player.
MORE: Best Android Antivirus and Security Apps
LockerPIN won't work unless the user actively clicks through a series of "Update patch installation" windows that pop up once Porn Droid has been installed. According to ESET detection engineer Lukáš Štefanko, three-quarters of Android devices infected by LockerPIN/Porn Droid have been in the United States.
Adult Player at least gave users control back once they forked over the $500 ransom, but since paying the hackers behind Porn Droid/LockerPIN off is pointless, victims have few options.
The easiest way to remove LockerPIN is to perform a factory reset on the device, wiping all personal data away. Those who refuse to give up will have to try working through all 10,000 possibilities, but even that won't work for everyone. Some Android phones will lock users out after a certain number of failed attempts.
Štefanko said that Porn Droid has only been seen in the wild on unofficial, third-party Android app distributors. As we said when Adult Player was discovered, we advise users to only download apps from official stores, such as Google Play.
Get a daily look at what’s developing in science and technology throughout the world.