Phony contact-tracing apps meant to mitigate the spread of the Covid-19 pandemic are installing ransomware on mobile devices.
One app billed itself, “The Covid-19 Tracer App,” claiming to be an official mobile app of the Canadian government’s coronavirus contact tracing effort. “The more Canadians who voluntarily download and use the app, the safer we’ll be, and the faster we can reopen the economy,” stated the scam website. The “app” deployed a strain of CryCryptor, which is an open-source ransomware program.
ESET, the cybersecurity firm that identified the malicious program, quickly developed a decryptor to eliminate the ransomware from infected phones.
At least twelve other fake apps have been identified that target Android users in Armenia, India, Brazil, Colombia, Indonesia, Iran, Italy, Russia, and Singapore, among others. None of the apps were available on the official Google Play store, which is the largest repository of Android software and is typically pre-screened for malware.
When downloading apps, it is important to read the reviews and only visit trusted sources.