Trusted Design

Koler Android Ransomware Targets the US with Fake Apps

概要

During the past week, US users visiting adult-themed sites were targeted by ads for a fake PornHub app that contained a version of the Koler ransomware. This particular ransomware appeared in 2014 when the operators of the Reveton Windows screen-locking ransomware decided to branch out and create an Android counterpart, which they began advertising on Russian-speaking hacking forums. The Android version was a hit from the get-go, and it was one of 2014's most active Android threats, being detected in multiple campaigns during that year [1, 2, 3], including one that leveraged an SMS worm to automate and boost its infection process.

Created: 2026-02-23

Indicators

• URL - http://wgpkufizsu.greatgirlsvideoprivate.site/1/pornhub.apk -
• URL - http://sgzi6vsokn.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 4b07e1d8e6c94a6d83828de6198e87f4ff02aab0 -
• URL - http://ct7iownngf.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 32509ba29db2b8f134496fc63686781cab640b6c -
• FileHash-SHA1 - d1e9adb2c6aa77061ebfddfa86d861890833622c -
• URL - http://sg75odgcht.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://sgp5lglcyt.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 80fceb79157fc1f38f53ce5c9f2709c8d3a6f884 -
• URL - http://sgpk5y7ypy.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - d86f88a9ed4169783bb44730316ec20a3db3d694 -
• FileHash-SHA1 - c3798d7344689f2a075fb21b2829e26fe3eb5350 -
• URL - http://sgzi6bd7dx.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://cgzi47ylkk.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 3b790c5f2a71f39570204f927c3603794c708059 -
• URL - http://wnziibfza7.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 7bd81b7c7ed4f6b1751bb16e6ce7156ed68baa54 -
• URL - http://sn7iovdfjx.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://sgziksgr4s.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://ctz5igyoqa.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 87ea5d1c293ffc46b904ef39b956330ad5e6c77c -
• URL - http://snz5ofkfhe.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://cnpkjkxpdh.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 7d9cfa33481247d1f45454a36b8ed676be37a3d1 -
• URL - http://wn7i4kxwzp.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://cgzikmdole.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 462468d031d287c2166aa7585b6ce7fa91af47d7 -
• FileHash-SHA1 - c51e0f502ecf8aa4c14677a03ea6fcf1ccf424ea -
• FileHash-SHA1 - a0727387f818367f884d6c27d04fa89320c57d04 -
• URL - http://ctp56nuwwp.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 09ac8592e6532960ada3e924b289524efe00784b -
• FileHash-SHA1 - 73b60468624ff3a6effbc1158c03f6496015d4b8 -
• FileHash-SHA1 - 48b614d0c91294f2554e99c368fb56ac84529405 -
• FileHash-SHA1 - 63abcd340f23609d46f2efb55fed8a0a2dd7642c -
• FileHash-SHA1 - 7c9fd4be5504039b2359fc7cb1fb5662c2e52088 -
• FileHash-SHA1 - ac7e2f0400212d3454c32ce763a5549b54f0d995 -
• FileHash-SHA1 - 98c38d119b0fa9f76629754bd6b3bc31d3c297b1 -
• FileHash-SHA1 - bb5116b02bb363e61e47ec6331f9e5e8894d8427 -
• URL - http://cnzklvjcz4.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://sgzi6fwsco.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://cn7ilfn6f6.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 17c328098c47502d9adcd5a755def8c240306126 -
• URL - http://wg7k6efnfo.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://wt7kld7tbe.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://wn7kkwe6ad.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://sn7ilxxe6e.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 05a2dccff1655030855a9a3f8a0641288e615a42 -
• URL - http://cnpikvxtlg.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 50d39a1cf9478a820f9bd68dd3f0f8957eec6b0a -
• URL - http://stzi5sjxng.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://snzk5qrnrz.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://wtpku4pm76.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://wg7k55xelw.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - e6cd197fd725d48f0102373ff0bdd386fa58a256 -
• FileHash-SHA1 - 2b5bcd4deba93d4c085fdd291fb04874670f9b62 -
• URL - http://stp54mmmyj.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 29606209c11fc341d660ff0698e3c1ea838c5fa6 -
• FileHash-SHA1 - f52c7094b874ccc4fe322596b16fd817d4c0f5fb -
• URL - http://sgziiiedxw.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://wtpiuoc5w5.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://cgzikaejqa.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 69ec58ed8203247b0e3917af19e70225cfb1a42e -
• FileHash-SHA1 - 7042de2a10ae1c02d04ef3faaa2a1ad0f8507822 -
• URL - http://cn7kibaxih.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 3ebf1768e6b6c05c26fd1718d623295fbbd530d2 -
• URL - http://wgz5ltrkcv.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://cnpkogyv5l.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 02d6b23014ead482597d31c25636ee0ffddaaa43 -
• FileHash-SHA1 - db77ec7b760af469e8a6e55ec7ab025f136d1fe1 -
• URL - http://snzkocrf4v.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 804aa44a2c680e117d8916c21cd80003f8d5c8ea -
• URL - http://st75jvjzpy.verygoodgirl.us/1/pornhub.apk -
• URL - http://ctzkuefwmh.tubegirlsnight.us/1/pornhub.apk -
• FileHash-SHA1 - 9c2267b7ee37949d4591dc1d8fb7b63497072b28 -
• URL - http://wtzk4ud6ou.freenightbeautifulgirls.us/16/pornhub.apk -
• URL - http://wgziuiihed.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://wn75iaacp4.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://wtzi6qs7mi.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 656c641838a7d027a72b5a2c5da53db491167cc7 -
• URL - http://sgpiukh6bg.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 4f1642ca5d32f58d66363d4a38c21195f38b201d -
• FileHash-SHA1 - 6f652561b791d55896e9d42320b92207dc4239e6 -
• FileHash-SHA1 - 9ef2343a3a57c3d4ad51eb49cf4c70336947e0fb -
• FileHash-SHA1 - d1540d64f1cdb3e72a906fa7be5e1d1c0578ae7f -
• FileHash-SHA1 - 6035b88a34d3b21cad35d190a8d40dcbdafe4e6c -
• URL - http://sg75ivdk4y.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://cgziltnnft.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://wtzilrzdid.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://cgpikxjnfi.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://ct75ircshb.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://wgz5jvn6r4.verygoodgirl.site/1/pornhub.apk -
• URL - http://wn7ikrn5np.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://cg7iiaozm5.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://cgz5lygeib.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://wnpklcejny.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - 8acb1bdce4b35825cb26547ceb2ccc9e8a968977 -
• URL - http://cn7kujjni7.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - b0f11c2d9f5a44f973e83787fa984153a6223cb3 -
• FileHash-SHA1 - f0c855f2f4511882fd1de69b38184b8d81af1418 -
• FileHash-SHA1 - e1e33d0c080a3eadd7817acf308f8822f56bbc66 -
• FileHash-SHA1 - b79916cb44be7e1312d84126cb4f03781b038d10 -
• FileHash-SHA1 - 6a56c0b350ad90354742d36119aa635a376547c2 -
• URL - http://wn7iuedrcd.tubegirlsnight.us/1/pornhub.apk -
• FileHash-SHA1 - 4cd994e5aca063b130084fc3ac0eb6e12e04d83a -
• URL - http://wt7kod6kwe.greatgirlvideoprivate.site/1/pornhub.apk -
• URL - http://ctpkjgx57k.greatgirlsvideoprivate.us/1/pornhub.apk -
• FileHash-SHA1 - 1497bb2250733faafab60dfec4eea4b2a8419e12 -
• URL - http://wnzik7rtf6.greatgirlvideoprivate.site/1/pornhub.apk -
• FileHash-SHA1 - b04f91544235220403847c1fcfa1beb0eefb603d -
• FileHash-SHA1 - e9640caae3d4f0ef06cc0de73f153c3fe608dc28 -

類似Pulses

• Android ransomware links to Pkybot aka bublik malware team (score: 0.68)
• ZBot Malware (score: 0.68)
• Kemoge: Another Mobile Malicious Adware Infecting Android (score: 0.67)
• Locker: an Android ransomware full of surprises (score: 0.67)
• Ransomware: Kovter Associated (score: 0.65)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る