New ransomware has popped up that may signal more malicious COVID-19 apps are coming.
The "CryCryptor" app, distributed on two websites under the guise of an official COVID-19 tracing app provided by Health Canada, has been targeting Android users, according to researchers at cybersecurity software firm ESET.
The app largely does what ransomware most does -- it encrypts, or locks, critical user files on a device. In a typical ransomware case, you have to pay a criminal organization to unlock the files.
IRS WARNS ON CONTINUING COVID-19 SCAMS, AS $30B IN STIMULUS PAYMENTS COULD BE STOLEN
The news was first reported by ZDNet.
CryCryptor surfaced a few days after Canadian Prime Minister Justin Trudeau announced an official contact tracing app, known as COVID Alert. The app is slated to be released for testing in the province of Ontario early next month.
The COVID Alert app uses Bluetooth technology provided by Apple and Google, which announced a partnership in April to provide technology for COVID-19 contact tracing app developers.
The researchers at ESET, after analyzing the ransomware, created a decryption tool for victims, which unlocks affected files. The company said it informed the Canadian Centre for Cyber Security about the threat as soon as it was identified.
Not surprisingly, malicious hackers are already capitalizing on the legitimate push to create contact tracing apps.
SEXTORTION IS EVOLVING DURING THE CORONAVIRUS PANDEMIC, REPORT SAYS
Earlier this month, cybersecurity firm Anomali identified "multiple" fake COVID-19 contact tracing apps that are designed to download malware that steals personal data.
“These apps, once installed on a device, are designed to download and install malware to monitor infected devices, and to steal banking credentials and personal data,” Anomali said.
“Threat actors continue to imitate official apps to take advantage of the brand recognition and perceived trust of those released by government agencies. The global impact of the COVID-19 pandemic makes the virus a recognizable and potentially fear-inducing name, of which actors will continue to abuse,” Anomali said.
But even legitimate apps could be vulnerable.
Mobile application security firm Guardsquare recently published a report saying that the urgency to get apps quickly to market risks sacrificing security for speed as governments rush to get contact tracing tools out there as soon as possible to help reduce the spread of the virus.
Amnesty International has singled out certain countries rushing apps into development that “run roughshod over people’s privacy, with highly invasive surveillance tools which go far beyond what is justified in efforts to tackle COVID-19,” said Claudio Guarnieri, the head of Amnesty International’s Security Lab.