Fake Coronavirus Android app demands a ransom in Bitcoin

In scary times, people look for information to alleviate their fears, and hackers look for new ways to deceive frightened people. Their latest invention is “COVID19 Tracker”, a fake Coronavirus tracking app which claims that it will not reveal your social media accounts or delete the entire memory of your phone if you pay $100 in Bitcoin.

The security research team at DomainTools discovered the Android application while monitoring recently registered domain names featuring Coronavirus and COVID. On Friday, the company released a report that describes the operation in detail.

If you want to download an Android app, you normally go to the Google Play Store. In this scam, the app “COVID19 Tracker” is hosted on a website, coronavirusapp[.]site. The website lures unsuspecting victims into downloading the app, which supposedly gives them access to a Coronavirus map tracker. The map appears to provide tracking and statistical information about COVID-19, including a visual heatmap.

Once the unsuspecting victim opens the app, it asks for access to the user's lock screen so that it can send a notification when a Coronavirus patient is in the vicinity (which, by the way, is impossible to know). In addition, it asks for permission to change the phone's accessibility settings for “active state supervision”.

In reality, the app carries ransomware called “CovidLock”, which uses a technique called a “screen-lock attack” to deny the user access to the phone by forcing a change of the password used to unlock it. After “CovidLock” has been enabled, the screen changes to a ransom demand prompting the user to pay 100 dollars in Bitcoin within 48 hours.
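The two permission requests described above can be checked for before a sideloaded APK is ever installed. The following is an added example, not code from DomainTools or from the app: it assumes the lock-screen request corresponds to a device-admin receiver and the accessibility request to an accessibility service, and it runs on a constructed manifest in the decoded form that tools such as apktool produce.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest (not taken from the real app).
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.tracker">
  <application android:label="Tracker">
    <receiver android:name=".AdminReceiver"
              android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/>
      </intent-filter>
    </receiver>
    <service android:name=".WatchService"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""

# Binding permission -> component tag that declares it.
# Device admin can lock the screen and set an unlock password;
# an accessibility service can observe and drive the UI.
RISKY = {
    "android.permission.BIND_DEVICE_ADMIN": "receiver",
    "android.permission.BIND_ACCESSIBILITY_SERVICE": "service",
}

def triage_manifest(manifest_xml):
    """Return [(component name, binding permission)] for risky components."""
    root = ET.fromstring(manifest_xml)
    findings = []
    for perm, tag in RISKY.items():
        for comp in root.iter(tag):
            if comp.get(ANDROID + "permission") == perm:
                findings.append((comp.get(ANDROID + "name"), perm))
    return findings

def is_lockscreen_ransom_candidate(manifest_xml):
    """True when both capabilities described in the article are declared."""
    declared = {perm for _, perm in triage_manifest(manifest_xml)}
    return declared == set(RISKY)

if __name__ == "__main__":
    for name, perm in triage_manifest(SAMPLE_MANIFEST):
        print(f"{name}: {perm}")
    print("flag for review:", is_lockscreen_ransom_candidate(SAMPLE_MANIFEST))
```

A hit is a reason for manual review rather than a verdict, since legitimate device-management and assistive apps declare the same components.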

If the user does not pay, the note says, the phone's contacts, pictures and videos will be deleted. It also claims that the user's social media accounts will be disclosed to the world. And the app even warns: “Your GPS will be monitored and your location is known; if you try anything stupid, your phone will automatically be destroyed.” At the end of the note there is a text box in which the user is to enter the decryption code, with a button labelled “Decode” below the text field. Those bastards!

So far, it looks like someone was taken in by the fraud. The Bitcoin address that the app used to receive BTC is now empty. Android has provided protection against this type of attack since 2016, when it released its Nougat operating system. It works, however, only if you have set a password. If you have not set a password for unlocking your phone's screen, you are, according to the report, still susceptible to the CovidLock ransom demand.

However, there is light at the end of the tunnel for those who fall victim to such an attack. The security research team at DomainTools has developed the decryption key and plans to release it publicly. It is not the first time that cyber criminals have exploited the public demand for COVID-19 information during a global pandemic.
