ESET security researcher Lukas Stefanko discovered an ongoing campaign pushing fake PornHub apps infected with the Koler ransomware. Koler is one of the first Android ransomware threats that implemented and started using this technique a few years ago. This particular campaign targeted only US users, as the ransomware only included ransom notes with an FBI theme. The only way to remove this screen is to boot the device in Safe Mode, remove the ransomware’s user from the admin group, and then uninstall the fake Pornhub app.
Source: https://www.bleepingcomputer.com/news/security/koler-android-ransomware-targets-the-us-with-fake-pornhub-apps/