VERY IMPORTANT

During the past week, US users visiting adult-themed sites were targeted by ads for a fake PornHub app that contained a version of the Koler ransomware. This particular ransomware appeared in 2014 when the operators of the Reveton Windows screen-locking ransomware decided to branch out and create an Android counterpart, which they began advertising on Russian-speaking hacking forums. The Android version was a hit from the get-go, and it was one of 2014's most active Android threats, being detected in multiple campaigns during that year [1, 2, 3], including one that leveraged an SMS worm to automate and boost its infection process.