Security News > 2020 > March > Android malware uses coronavirus for sextortion and ransomware combo

Android malware uses coronavirus for sextortion and ransomware combo
2020-03-18 22:15

Late last week, researchers at network intelligence company DomainTools warned about an Android malware sample that caught our attention.

Like many other cyberthreats doing the rounds these days, the criminals have used the coronavirus pandemic as a lure, offering an intriguing if rather creepy app called COVID 19 TRACKER. The website promoting the app offers to "Track Real-Time Coronavirus Outbreak in your Street, City and State", and says it will "Get Real-Time Statistics about Coronavirus outbreaks around you in over 100 countries."

Although the malware claims to need lockscreen access to give you an "Instant alert when a coronavirus patient is near you", that's bogus for two reasons.

The text Safe mode appeared at bottom left of the screen; the malware didn't launch; and we could use the same procedure as we did above to locate, deactivate and uninstall the malware.

Sophos products detect and block this malware as Andr/SLocker-CX.The website where we downloaded the malware has been taken down.


News URL

https://nakedsecurity.sophos.com/2020/03/18/android-malware-uses-coronavirus-for-sextortion-ransomware-combo/