There’s a fresh Android threat and this one is particularly nasty. As spotted by the team at DomainTools, it seems scammers are trying to cash in on the Coronavirus outbreak which is currently bringing the world to a standstill. This global emergency has infected over 120,000 people and killed more than 4,000.
With so much concern over the virus, the public are an easy target. The shock new threat comes in the form of a Coronavirus map tracker app which, once installed, takes over a device and demands money from the unsuspecting user.
Those who don’t pay the $100 in bitcoin are told that the device will be erased with the owner losing all of their contacts, photos and video.
This frightening Android ransomware application titled “CovidLock” has never been seen before in the wild.
Explaining more about the new threat, Tarik Saleh, Senior Security Engineer and Malware Researcher at DomainTools said: “Cybercriminals like to exploit people when they are at their most vulnerable. They use dramatic events that cause people to be emotional or fearful to drive their profits. Any time there are major news cycles happening on a topic that stirs a strong reaction, cybercriminals will not be far behind.
“The DomainTools security research team discovered a domain (coronavirusapp[.]site) that claims to have a real-time Coronavirus outbreak tracker available via an app download.
The domain prompts users to download an Android App that will give them access to a Coronavirus map tracker that appears to provide tracking and statistical information about COVID-19, including heatmap visuals. In reality, the app is poisoned with ransomware.”
Luckily it seems there is a simple way to stop this attack from taking over your phone.
DomainTools says that since Android Nougat rolled out back in 2016, there is protection in place against this type of attack.
However, it only works if you have set a password. If you haven’t set a password on your phone to unlock the screen, you’re still vulnerable to the CovidLock ransomware.
DomainTools has now published advice on how to stay safe and increase your ransomware immunity
Here are their top tips:
Be sure to only use trusted information sources from government and research institution’s websites. Don’t click on anything in your email that’s health related. In general, be sure to follow all of the basic phishing recommendations—be aware that people are trying to capitalize on fear here.
Ensure that you download Android applications only from the Google Play store. There is a much higher risk of downloading malware from untrusted 3rd party stores.
Published at Sat, 14 Mar 2020 07:00:00 +0000