This site uses cookies. Browsing the site, you agree to the use of cookies. If you need more information, please visit the Cookies Policy page
Subscribe
Прямой эфир
Cryptocurrencies: 3801 / Markets: 22434
Market Cap: $ 245 781 442 315 / 24h Vol: $ 111 958 692 479 / BTC Dominance: 65.449%

Н News

‘CovidLock’ Exploits Coronavirus Fears With Bitcoin Ransomware

528_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS9zdG9yYWdlL3VwbG9hZHMvdmlldy9hNzU4YjQwMDJmYTZjNTQ2MDJhNTA0NGM0Y2YzYzg3MC5qcGc=.jpg

Ransomware hidden in a Coronavirus tracking app has been identified by cybersecurity threat researchers.

Opportunistic hackers are increasingly seeking to dupe victims using websites or applications purporting to provide information or services pertaining to coronavirus.

Cybersecurity threat researchers, DomainTools, have identified that the website coronavirusapp.site facilitates the installation of a new ransomware called “CovidLock.”

The website prompts its visitors to install an Android application that purportedly tracks updates regarding the spread of COVID-19, claiming to notify users when an individual infected with coronavirus is in their vicinity using heatmap visuals.

CovidLock ransomware launches screen lock attack on unwitting victims

Despite appearing to display certification from the World Health Organization and the Centers for Disease Control and Prevention, the website is a conduit for the ‘CovidLock’ ransomware — which launches a screen lock attack on unsuspecting users.

Once installed, CovidLock alters the lock screen on the infected device and demands a payment of $100 worth of BTC in exchange for a password that will unlock the screen and return control of the device to the owner. 

If a victim does not pay the ransom within 48 hours, CovidLock threatens to erase all of the files that are stored on the phone — including contacts, pictures, and videos.

The program displays a message intended to scare users into compliance with its demand, stating: “YOUR GPS IS WATCHED AND YOUR LOCATION IS KNOWN. IF YOU TRY ANYTHING STUPID YOUR PHONE WILL BE AUTOMATICALLY ERASED.”

DomainTools claims to have reversed engineered the decryption keys for CovidLock, adding that they will publicly post the key.

Coronavirus-themed website are 50% more likely to be malicious

According to cyber threat analyst, Check Point, coronavirus-themed domains are 50% more likely to be a front for malicious actors than other websites.

Since January 2020, the firm estimates that more than 4,000 domain names that relate to the coronavirus have been registered globally — 3% of which are deemed to be “malicious,” and 5% of which are described as “suspicious.”

U.K. public lose $1 million to coronavirus scams

On March 11, the U.K. Financial Conduct Authority warned of an increasing proliferation of coronavirus-themed scams - including investment scams fraudulently offering investments in crypto assets.

According to the U.K. National Fraud Intelligence Bureau (NFIB), many malicious sites are offering maps and visualizations tracking the spread of coronavirus — much like CovidLock. An NFID representative stated:

“They claim to be able to provide the recipient with a list of coronavirus infected people in their area. In order to access this information, the victim needs to click on a link, which leads to a malicious website, or is asked to make a payment in bitcoin.”

The NFIB estimates that coronavirus-themed scams have already defrauded the British public out of roughly $1 million.

Source

comments powered by Disqus