Security News > 2020 > March > Android malware uses coronavirus for sextortion and ransomware combo
Late last week, researchers at network intelligence company DomainTools warned about an Android malware sample that caught our attention.
Like many other cyberthreats doing the rounds these days, the criminals have used the coronavirus pandemic as a lure, offering an intriguing if rather creepy app called COVID 19 TRACKER. The website promoting the app offers to "Track Real-Time Coronavirus Outbreak in your Street, City and State", and says it will "Get Real-Time Statistics about Coronavirus outbreaks around you in over 100 countries."
Although the malware claims to need lockscreen access to give you an "Instant alert when a coronavirus patient is near you", that's bogus for two reasons.
The text Safe mode appeared at bottom left of the screen; the malware didn't launch; and we could use the same procedure as we did above to locate, deactivate and uninstall the malware.
Sophos products detect and block this malware as Andr/SLocker-CX.The website where we downloaded the malware has been taken down.
News URL
Related news
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Vo1d malware botnet grows to 1.6 million Android TVs worldwide (source)
- Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware (source)
- BadBox malware disrupted on 500K infected Android devices (source)
- North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps (source)
- Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates (source)
- New Android malware uses Microsoft’s .NET MAUI to evade detection (source)
- APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- New Crocodilus malware steals Android users’ crypto wallet keys (source)