Internet security firm ZScaler is urging Android users to steer clear of “Adult Player,” a third-party porn viewing application that surreptitiously snaps photos of people’s faces while they’re looking at their screens.

Though Adult Player bills itself as an app designed to give people easy access to pornography, it is, in actuality, a piece of “ransomware,” a program meant to threaten victims into handing over cash to the developers behind the scheme.

When a person launches Adult Player, the application hijacks their front camera and begins to take photos of them. The program then locks itself down while displaying a classic ransomware screen instructing the victim to transfer $500 to the developers via PayPal in exchange for their privacy.

ZScaler

In addition to an actual photo of the victim, ZScaler explains, the program also collects identifying information about a victim’s phone like its model, specific OS, and network carrier. Because Adult Player embeds itself deep within the root processes of a phone, it can’t be disabled by simply turning the device off or rebooting it.

“The ransomware is designed to stay stagnant on screen and does not allow the the victim to uninstall it,” ZScaler explains. “Rebooting the device does not work in such cases as ransomware app becomes active immediately after reboot, which leaves no scope for the victim to get into device ‘settings’ and uninstall the ransomware.”

According to PornHub, one of the largest (and most popular) purveyors of free pornography on the internet, people are increasingly consuming their adult content from mobile devices and tablets. It isn’t surprising that Adult Player’s developers would attempt to capitalize on the trend, but that shouldn’t suggest that browsing for erotica from your phone is an entirely dangerous thing.

It’s important to point out that Adult Player is not a Google-certified Android application that you can just stumble upon; it’s something you have to go out and seek.

It’s important to point out that Adult Player is not a Google-certified Android application that you can just stumble upon; it’s something you have to go out and seek. As is always the case with programs and applications, your best bet is to stay within the walled garden.

“To avoid being victim of such ransomware, it is always best to download apps only from trusted app stores, such as Google Play,” ZScaler advises. “This can be enforced by unchecking the option of “Unknown Sources” under the “Security” settings of your device.”

Something else to consider: there’s absolutely nothing stopping you from using Chrome, Opera, Firefox, or any other number of popular, vetted, and non-random demanding browsers for all of your mobile pornography needs.

Surf responsibly, folks.