Security News > 2020 > March > Android malware uses coronavirus for sextortion and ransomware combo
Late last week, researchers at network intelligence company DomainTools warned about an Android malware sample that caught our attention.
Like many other cyberthreats doing the rounds these days, the criminals have used the coronavirus pandemic as a lure, offering an intriguing if rather creepy app called COVID 19 TRACKER. The website promoting the app offers to "Track Real-Time Coronavirus Outbreak in your Street, City and State", and says it will "Get Real-Time Statistics about Coronavirus outbreaks around you in over 100 countries."
Although the malware claims to need lockscreen access to give you an "Instant alert when a coronavirus patient is near you", that's bogus for two reasons.
The text Safe mode appeared at bottom left of the screen; the malware didn't launch; and we could use the same procedure as we did above to locate, deactivate and uninstall the malware.
Sophos products detect and block this malware as Andr/SLocker-CX.The website where we downloaded the malware has been taken down.
News URL
Related news
- Malware-as-a-Service and Ransomware-as-a-Service lower barriers for cybercriminals (source)
- Ransomware gang deploys new malware to kill security software (source)
- Android malware uses NFC to steal money at ATMs (source)
- New NGate Android malware uses NFC chip to steal credit card data (source)
- Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC) (source)
- New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards (source)
- SpyAgent Android malware steals your crypto recovery phrases from images (source)
- New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys (source)
- NoName ransomware gang deploying RansomHub malware in recent attacks (source)
- Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide (source)