A New Threat Emerges

A new ransomware is making the rounds on Android devices, as reported by PCWorld. It’s the first known malware that changes your PIN code, according to security company ESET, which discovered the issue. The malware, called “Porn Droid,” disguises itself as an adult content viewer—already a red flag for business devices.

Where It’s Found

You’ll typically encounter this malware in forums that distribute pirated software or in third-party Android app marketplaces. While some of these marketplaces may seem harmless, they can be a gateway for malicious apps like Porn Droid.

How It Works

Once installed, the malware displays a fake FBI warning claiming that suspicious files have been found on your device and that your visits to adult websites have been logged. It then locks your device and demands a $500 fine within three days, threatening “apprehension” if you attempt to unlock, disconnect, or dispose of the device.

Why It’s Dangerous

The malware uses admin privileges to lock your device and includes a call-back function to reactivate those privileges if you try to disable them. It also attempts to disable popular security apps like Avast, ESET Mobile Security, and Dr. Web.

Your Options for Recovery

The only guaranteed way to remove the malware is to restore your device to factory settings, which unfortunately deletes all your data. This is a strong reminder of the importance of regular backups. In some cases, we may be able to remove Porn Droid without erasing your data—depending on your device’s configuration.

Need Help or Have BYOD Concerns?

If you’ve been affected or have questions about Bring Your Own Device (BYOD) policies and protections, please contact us. We’re here to help you secure your devices and your business.