The coronavirus spread curve in Spain continues to grow and we are still far from reaching the ceiling. Our country tries to shield itself against the virus by decreeing a state of alarm that may not be enough. Meanwhile, thousands of responsible citizens stay at home, close their businesses and avoid contact with other people to try to stop their spread. Right now, having the most information about the coronavirus is our priority. In addition to resorting to official sources, many are opting for third-party tools, such as applications. However, these are a perfect breeding ground for malware, ransomware, and other security threats.
As is always the case, cyber criminals take every opportunity to bring malware to as many people as possible. Whenever there is a massive effect, a problem affecting many people, or a special event, malicious applications or web pages multiply. The Coronavirus is no exception and we have dozens of undesirables trying to sneak these viruses into our phones and computers.
CovidLock hijacks your files and asks for a ransom
The impact of the coronavirus does not only affect health. Telecommunications operators have made a series of recommendations to avoid the saturation of broadband networks, sports competitions have been suspended, television programs are being canceled and thus a long etcetera of consequences.
With people confined at home, access to information about the virus is vital. This is why many trust their mobile phones and special coronavirus apps. Coronavirus-related domains have skyrocketed in recent weeks. One of the most visited is coronavirusapp.site that promises to offer real-time information on covid 19 cases worldwide through an Android application.
This application is NOT downloaded from Google Play, something that should already make us suspicious. In addition, security researchers have confirmed that it is a ransomware called CovidLock . Like any other ransomware, it hijacks our files by encrypting them and demands a monetary ransom in order to recover them.
Once installed, the application asks for various permissions, such as the possibility of displaying notifications. What it actually does is get us to enter the lock PIN. Once you have obtained this information, we discover that it is a ransomware that asks for $ 100 for allowing us access to our files. Luckily, it is a somewhat old attack that no longer works from Android Nougat.
