New Android ransomware poses as coronavirus tracking app - Android

DomainTools

We’ve seen loads of coronavirus apps pop up on mobile app stores in recent months, as the pandemic continues to sweep around the world. Google has taken steps to remove the more questionable apps from the Play Store, but it looks like one Android app on the web is actually ransomware.

Security company DomainTools (h/t: SC Magazine) spotted ransomware called CovidLock that poses as a coronavirus tracking app. The app, which is available on coronavirusapp[.]site, prompts users to give accessibility and lockscreen permissions.

Unfortunately, the ransomware locks users out of their phones by adding a password to the device. The criminals behind CovidLock then urge victims to pay $100 in Bitcoin within 48 hours to regain access. Furthermore, they warn users that contacts, pictures, and other content will be deleted and social media accounts will be leaked.

DomainTools

Thankfully, DomainTools says Android Nougat protects against this so-called screen-lock attack, but adds that you need to set a password on your phone for this protection to be effective. The security firm also says it’s reverse engineered the decryption keys for the ransomware and will post it publicly (although a redditor has posted the apparent password too).

Otherwise, the company suggests that you stick to the Play Store for your app needs and only use resources from governments and health institutions.

“Cybercriminals like to exploit people when they are at their most vulnerable. They use dramatic events that cause people to be emotional or fearful to drive their profits. Any time there are major news cycles happening on a topic that stirs a strong reaction, cybercriminals will not be far behind,” the firm adds.

You should therefore be careful about clicking any links or downloading resources that claim to be coronavirus-related, as cyber-criminals create sketchy resources that look and feel like official tools.

More posts about security

This simple trick can make face unlock functionality work with face masks

Phillip Prado 3 days ago

March security update broken for some Pixels (Update: AT&T Pixel 4 update back)

Phillip Prado 1 week ago

Your phone can be hacked with ultrasonic waves and a… table?

Hadlee Simons 2 weeks ago

Report: New Android malware can steal 2FA codes from Google Authenticator

Hadlee Simons 3 weeks ago

10 best password manager apps for Android!

Joe Hindy 3 weeks ago

How Google kept billions of malicious apps off of your smartphone last year

Phillip Prado 1 month ago

5 best find my phone apps and other find my phone methods too!

Joe Hindy 1 month ago