Android ransomware has a number of means to extort victims. In the most common case, once a victim has downloaded and installed a fake or Trojanized app, the malware locks the screen and displays a bogus alert claiming the user had accessed forbidden materials. Meanwhile, the malware gathers the victim’s contacts list and encrypts data in the background. Users will then be prompted to pay a ransom, threatened by the loss of the encrypted data and the submission of the user’s browsing history to all their contacts.
Read more: symantec.com
I read about a guy that got a virus that emailed p0rn links to ask his contacts. He found out what happened and sent apologies.
He claimed he was then freaked out at how many replies he got that said thanks for sharing and sent him p0rn links of their own.