A Coronavirus Tracking App for Android Hides Ransomware

Some men you just can't reach; the world is fighting the pandemic and some folks are using it to make money (in a very bad way)...

A Coronavirus Tracking App for Android Hides Ransomware

Watch out folks – if you installed an app called CovidLock on your Android smartphone or tablet, make sure to deinstall it ASAP.

Dubbed a tool for tracking the coronavirus outbreak, it is actually hiding ransomware that could lock your device before demanding a ransom in bitcoin.

The nasty app was discovered by Tarik Saleh, a computer security researcher at DomainTools, and Google has promptly removed it from its Play Store. Nevertheless, CovidLock can still be found on some corners of the Interwebs — which we advise anyone not to visit. In fact, you should download apps exclusively from the Google Play Store to minimize potential damage to your phone — and more importantly, your data.

Back to the nasty app… once installed on the victim’s smartphone, CovidLock will quickly lock the device in case it doesn’t have a password set. Unfortunately, there are still many folks out there that keep their devices password-free, despite the fact that they could unlock them with nothing but their finger. Or even their face.

So if you, like me, use a fingerprint for phone unlocking (coupled with a password in my case), you’re good to go — this ransomware can’t do you any harm.

On the other hand, if you’re in the other (less lucky) group, CovidLock will lock your phone and give you 24 hours to deposit $100 in bitcoin at a BTC address. For this money, hackers promise not to erase your data and not to disclose your private content on social networks.

“We will monitor your GPS location and your position. If you try something stupid, your smartphone will be automatically erased” threatens the warning message displayed by the app.

corinavirus ransom note

Once they receive the ransom, hackers promise to provide a code to unlock your device.

“Cybercriminals like to exploit people when they are at their most vulnerable,” explained Tarik Saleh. “They use dramatic events that cause people to be emotional or fearful to drive their profits. Any time there are major news cycles happening on a topic that stirs a strong reaction, cybercriminals will not be far behind.”

We once again invite you to remain cautious and restrain from downloading apps (APK files) from unknown sources. You never know what these apps are hiding beneath…