porn app malware FBI xhamster
Fake porn apps take a photo of the user and demand $500 as a fine for watching child porn Getty

Two fake apps that accuse users of watching child pornography are being used by cybercriminals to steal personal data from mobile devices. The ransomware, discovered by security firm Zscaler, also demands that users pay $500 (£330) as a "fine" for watching illegal content.

The Mature F**k Porn and Bathroom apps are the latest instances of mobile ransomware to be disguised as porn apps and follow the discovery of the fake porn app Adult Player in September. A report from security provider Blue Coat Systems found that porn was the leading attack vector for mobile malware in 2015.

The apps aim to extort users by taking control of the device's camera to take a photo of the user, before locking the screen with a message purporting to be from the FBI. The only way to get rid of the message, which claims the user has been looking at child porn, is to reset the device in safe mode.

"[Around] 30% of internet traffic is in some way related to pornography and this is the primary reason why malware authors are using porn apps to infect large numbers of users," a representative of Zscaler said in a statement to IBTimes UK.

"During recent data mining, we noticed an increasing volume of mobile malware using pornography (disguised as porn apps) to lure victims into different scams and stealing personal data or locking phones and demanding ransom payments."

Beyond apps, porn websites have been targeted with malware in recent months, causing tens of thousands of visitors to be infected. The growing trend of malicious advertising – known as malvertising – has become a major issue for adult websites, with Pornhub and xHamster posing the most risk to visitors, according to research from Conrad Longmore.

The apps are being shared through unofficial app stores and Zscaler has advised mobile users to only download apps from trusted stores, such as Google Play.