The global pandemic is being exploited by cybercriminals, who are taking advantage of people’s uncertain environment and the change in working models to carry out their criminal activities. Teleworking has increased the risk of using vulnerable technological tools, such as VPNs, video-conferencing services, home computers, tablets, home internet routers, etc. For this reason, criminals are targeting independent individuals and large corporations, and an example of this is CovidLock.
Cybercriminals hide in the pandemic as reliable sources of information and generate attacks through phishing emails and malicious applications that seek to steal information, carry out espionage and theft of credentials. In the same way, they seek to profit by sending and installing ransomware and other types of malware. An example, are these applications for Android which promise to provide real-time monitoring of the Coronavirus and when the user downloads it gives him full access to install the ransomware called CovidLock on the device.
This threat claims to have a real-time coronavirus outbreak tracker available by downloading an app, but don’t be fooled! Actually, the application is poisoned with ransomware. This Android ransomware application, never seen before in the wild, has been titled “CovidLock” due to the capabilities of the malware and its backstory. CovidLock uses techniques to deny victim access to their phone by forcing a change in the password used to unlock the phone. This is also known as a screen lock attack and has been seen before in Android ransomware.
The ransomware asks for $ 100 worth of bitcoins within 48 hours in the ransom note. These also threaten to erase your contacts, images and videos, as well as your phone’s memory. It even claims that it will publicly leak your social media accounts. Since Android Nougat was released, there is protection against this type of attack. However, it only works if you have set a password. If you haven’t set a password on your phone to unlock the screen, you’re still vulnerable to CovidLock ransomware so do it before you can regret it.
More reads:
Saint bot – A new password stealing threat
Netwalker Ransomware that uses the fear on Covid
