While the world is in panic mode, the coronavirus being declared pandemic, hackers are busy exploiting the situation to steal money and data from affected users.
After using COVID-19 tracking cards to install malware on PCs, hackers are now spreading fake coronavirus tracking apps to trick people into downloading ransomware.
Researchers from the security company DomainTools have noticed an increase in the registration of domain names linked to the coronavirus. During their research, the team found that a peri-coronal website – coronavirusapp[.]site – invites users to install an Android application to help them keep up with updates on the coronavirus pandemic.
[Read: Coronavirus domains 50% more likely to infect your system with malware]
However, the app is a facade for ransomeware called CovidLock, which changes the lock screen password and asks users to pay $ 100 in BitCoin to unlock it.
The site is quite misleading and claims that the application has been certified by the World Health Organization (WHO) and the Centers for Disease Control and Prevention (CDC); hackers also incorrectly claim that the app has received more than 6 million reviews and is rated 4.4 stars. The application description indicates that it can send you instant notification when a COVID-19 patient is near you:
Receive instant notification when a coronavirus patient is near you, View local coronavirus epidemic status in an easy-to-navigate app with data retrieved directly from the Centers for Disease Control and Prevention (CDC) and from the World Health Organization (WHO).
Once you’ve installed the app, it prompts you for various permissions, including access to your lock screen.
Looking at the content that came with the site’s malware and SSL certificate, the DomainTool research team suggested that the hackers behind this scam are connected to other porn scams and Android malware attacks.
The company said gratefully it seems that ransomware has not spread widely, and there have been no cases of people giving their money.
Right now, the best steps to keep you safe are to avoid domains related to fraudulent coronaviruses and only install apps from the Play Store.
Discussion about this post