Already a scourge in the West, Android.Lockdroid ransomware has expanded its base to include Japan, according to a Thursday post by Symantec.
The malware traditionally has been delivered from adult sites after a user clicks on a link, sometimes an ad. It also poses as a porn video app, which users attempt to download, or as a system update.
Once it has gained access to C&C servers, it uploads device information to determine the device's language and can then customize its ransom message to the appropriate language.
It is the first time that Symantec has detected mobile ransomware for Western users in any Asian language.
Whether the message is delivered to the U.S., Europe or Japan, victims are duped into believing that authorities have locked their device because the user has viewed or downloaded porn. The warning demands the user pay a fine, around $100, to unlock the device.