While the rest of the world has been on slow down due to the COVID-19 pandemic, malware developers used this opportunity to spread another malicious app. Unsurprisingly, it is not from Android’s Play Store.
Researchers at DomainTools found out the app when they came across the website coronavirusapp[.]site.
The app named CovidLock uses a familiar scheme — it pretends to provide tracking and statistical information related to the COVID-19 outbreak.
Once installed, it locks out users of their smartphones and demands payment in exchange of access. Specifically, it requests $100 in Bitcoin from the user. If the user has not provided the said payment within 48 hours, it then threatens to delete all data on the phone.
Fortunately, there’s some good news here. A Reddit user said that they were able to decode and found out the password. Just use “4865083501” without the quotes and you’ll be able to use your phone again.
- COVID-19 test kit developed by UP scientists is 11 times faster and over 6 times cheaper compared to imported test kits
- BEWARE: Hackers are taking advantage of the coronavirus pandemic scare to spread virus into computers
However, this is not the only COVID-19 scams we’ve seen in the past months. As reported before, various malware apps are spreading around the globe. Most of these apps meant to frighten the community.
Unfortunately, this also shows that Android still posses a huge security risk to its users. This is also a gentle reminder to everyone that downloading apps should only happen in official channels — Google Play Store for Android and App Store for iOS.
Both Apple and Google already reported having removed malicious apps. This means that anything coronavirus related apps that you get outside of these legitimate stores are most likely dangerous.
Inthe end, stick to official websites. Only open trusted websites and links. It is also best not to open COVID-19 related attachments unless it’s from reliable sources.