31 January 2018

Porn on the move: In 2017, over 25% of users hit by mobile malware faced porn-themed attacks

In 2017, 25.4% of mobile users who encountered malware - over 1.2 million people - were attacked by malicious programs that used adult content to lure them into installing malware on their devices. This is one of the findings of Kaspersky Lab’s recent overview, ‘Cyberthreats facing users of adult websites and apps’.

In 2017, 25.4% of mobile users who encountered malware - over 1.2 million people - were attacked by malicious programs that used adult content to lure them into installing malware on their devices. This is one of the findings of Kaspersky Lab’s recent overview, ‘Cyberthreats facing users of adult websites and apps’.

Sex sells, as they say in advertising. However, in cyberspace it serves not only as a method for securing sales, but also as a tool for malicious activity. This became obvious when Kaspersky Lab experts took a look at how cybercriminals are using adult content in their activities. It turns out that the most active use of porn topics is in the mobile threat landscape. During the course of the research, Kaspersky Lab specialists identified 23 families of malware that use porn content to hide their real functionality.

The research showed that when downloading an unknown porn application, users are at greatest risk of being infected with so-called clickers. Upon infection, this malware starts to click through ad-links or try to subscribe the user to a WAP-subscription in order to drain their pre-paid mobile credit. 

The distribution of users who encountered different types of malware disguised as adult content applications.

Banking Trojans disguised as porn video players are the second most widespread type of porn-powered malware. This is followed by rooting malware and ransomware. The latter often comes in the form of legitimate applications for known porn websites. In many cases, porn ransomware utilizes scareware tactics: it locks the device screen and shows a message stating that illegal content (usually child porn) has been detected on the device, and the device has therefore been locked. In order to unlock the device, the victim has to pay a ransom. This message usually comes with screenshots from actual child porn videos.

An example of ransomware using scareware tactics, to make the user pay a ransom. The target audience of this app is obviously US based users.

“Although we can’t say that porn-themed mobile applications are technically very different to those that do not use porn in their activities, there are a few specifics when it comes to attacks with porn-powered malicious applications. A victim who has been compromised with an adult content-enabled malicious program might think twice before reporting the incident, simply because the very fact that they were trying to find porn content is viewed critically. Therefore, from the attacker’s perspective, such a person is a much more convenient victim. This is one of the reasons why we see so many attacks with porn malware. The other one is much simpler: people are consuming ever more content via mobile. This includes adult content as well,” - said Roman Unuchek, security expert at Kaspersky Lab.

To prevent any malware or cyber fraud-related troubles when it comes to adult content we strongly advise users to follow these recommendations:

  • Use only trusted web sites when it comes to adult content. Cybercriminals often set up fake porn sites for the single purpose of infecting victims with malware.
  • Do not install Android applications from unknown sources, even if they promise you access to the content you were looking for. Instead, use official applications from official sources, like Google Play.
  • Avoid purchasing hacked accounts to porn websites. This is illegal and such accounts may be blocked by the time you purchase it.
  • Use reliable internet security solution capable of protecting all your devices from any kind of cyberthreats.

Learn more about threats that users of adult content websites and applications face in the full overview here.

About Kaspersky Lab

Kaspersky Lab is a global cybersecurity company operating in the market for over 20 years.  Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Related Articles Press Releases

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.

Accept and close