Security News > 2020 > March > Android malware uses coronavirus for sextortion and ransomware combo
Late last week, researchers at network intelligence company DomainTools warned about an Android malware sample that caught our attention.
Like many other cyberthreats doing the rounds these days, the criminals have used the coronavirus pandemic as a lure, offering an intriguing if rather creepy app called COVID 19 TRACKER. The website promoting the app offers to "Track Real-Time Coronavirus Outbreak in your Street, City and State", and says it will "Get Real-Time Statistics about Coronavirus outbreaks around you in over 100 countries."
Although the malware claims to need lockscreen access to give you an "Instant alert when a coronavirus patient is near you", that's bogus for two reasons.
The text Safe mode appeared at bottom left of the screen; the malware didn't launch; and we could use the same procedure as we did above to locate, deactivate and uninstall the malware.
Sophos products detect and block this malware as Andr/SLocker-CX.The website where we downloaded the malware has been taken down.
News URL
Related news
- Android malware "FakeCall" now reroutes bank calls to attackers (source)
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- Cyber crooks push Android malware via letter (source)
- SpyLoan Android malware on Google play installed 8 million times (source)
- 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play (source)
- New DroidBot Android banking malware spreads across Europe (source)
- New DroidBot Android malware targets 77 banking, crypto apps (source)
- Germany sinkholes BadBox malware pre-loaded on Android devices (source)
- Germany blocks BadBox malware loaded on 30,000 Android devices (source)