Ransomware Changes Your BYOD Phone's Pin

Android user’s beware! New ransomware is making the rounds of Android devices, as reported in PCWorld. It’s the first malware that changes your pin code, according to security company ESET, which discovered the issue. It’s called “Porn Droid” and purports to be a viewer for adult content, which by itself is problem enough for business devices.

You’ll typically find it in forums that specialize in pirated software, which is another strike against it, or in third-party marketplaces for Androids apps, which are more benign locations. After it’s installed, your screen shows a warning, supposedly from the FBI, that “as a result of full scanning of your device, some suspicious files have been found and your attendance of pornographic sites has been fixed. For this reason your device has been locked.”

You then have three days to pay a find of $500, with threats of “apprehension” if you try to unlock the device, disconnect it, or dispose of it. While you won’t be arrested if you try to deactivate the admin privileges used to activate the malware, it does use a call-back function to reactive them. It also tries disable such security products as Avast. ESET Mobile Security, and Dr. Web.

Your only recourse for eliminating the problem is to restore your device to factory settings, which deletes all your data, which is one more reason that you need to back up your devices regularly. We may be able to remove Porn Droid without erasing data, if certain circumstances about your phone are valid.


If you’ve become a victim, or have BYOD questions or issues, please contact us.