The Internet is drowning in COVID-19-related malware and phishing scams

reader comments

16 with 15 posters participating

Emails and websites are promising vital information about keeping safe from the coronavirus pandemic that’s sweeping the globe and threatening millions. In fact, a flood of them are scams that push malware, ransomware, and disinformation; attempt to steal passwords and personal information; and conduct espionage operations by hackers working for nation-states.

One of the most recent coronavirus hoaxes to come to light is an Android app available at coronavirusapp[.]site. It claims to provide access to a map that provides real-time virus-tracking and information, including heatmap visuals and statistics. In fact, a researcher from DomainTools said, the app is laced with ransomware.

“This Android ransomware application, previously unseen in the wild, has been titled ‘CovidLock’ because of the malware’s capabilities and its background story,” DomainTools researcher Tarik Saleh wrote in Friday’s report. “CovidLock uses techniques to deny the victim access to their phone by forcing a change in the password used to unlock the phone. This is also known as a screen-lock attack and has been seen before on Android ransomware.”

CovidLock charges about $100 in bitcoins to unlock infected devices. Since version 7, Android has provided protection against screen-lockout attacks but only if users have set a password to lock their device screens to begin with. DomainTools researchers have reverse engineered the ransomware and plan to release decryption keys that will unlock phones for free. DomainTools didn’t say how many devices have been infected.

Gone phishin’

People pushing phishing scams are also capitalizing on the pandemic. One batch of emails sent to college students poses as official communications from University

Continue reading – Article source