Covid19 Tracker, a very popular application to track coronavirus actually hides a dangerous ransomware called CovidLock. It is strongly recommended that you remove all permissions from this application and uninstall it immediately.
Read also: Play Store – these 66 Android applications hide malware called Tekya
Better to settle for the Play Store during the coronavirus epidemic
Although Covid19 Tracker is not available on the Play Store, many users have downloaded and installed this APK. The application proposes in particular to alert you if a case of coronavirus is detected near you. Obviously, this fairly unique feature was enough to convince many people. However, there are obviously several things that could have put you on the spot.
First, the official data on infected people is not as precise, and it is therefore difficult to tell you whether new infected people have been detected near you: in the best cases, you will have the figures for nearest hospitals. Then there is the behavior of the application on the smartphone. Covid19 Tracker does require enabling notifications to work.
However, allowing it causes the exploitation of a flaw and installing ransomware on the device. Baptis CovidLock this malicious program exploits techniques to prevent the victim from accessing their smartphone by forcing a change of password used to unlock the phone. This is also known as the screen-lock attack and we have already seen this process in other Android ransomware., notes Domain Tools.
When the ransomware is active, a notch (see screenshot at the end of the article) is displayed and requires the payment of the equivalent of 100 dollars in Bitcoins within 48 hours to unlock the smartphone. Hackers are threatening to erase your contacts, photos and videos and even leak your social media credentials on the net. Domain Tools concludes with advice to avoid getting caught up in this kind of campaign:
- Go exclusively through the Google Play Store to minimize risk
- Refer to trusted sources such as the WHO, major newspapers and French and European Union government sites
- Do not click on links related to coronavirus reus by email
How is your confinement going? Do not hesitate to chat a bit in the comments!
Source: Domain Tools