Home > Cyber News > Android Ransomware Distributed as COVID-19 Tracer Software in Canada
CYBER NEWS

Android Ransomware Distributed as COVID-19 Tracer Software in Canada

by   |  Last Update:  |  0 Comments  

Android users in Android should stay on alert for Android ransomware that poses as a mobile COVID-19 tracer software made for Canadian citizens. The collected samples are categorized to come from the CryoCaptor ransomware family which is a dangerous group of malware.




CryCryptor Andoid Ransomware Poses as Legit Canada COVID-19 Tracer Software

The recent COVID-19 crisis has been used by malware developers worldwide in order to distribute viruses across all platforms. Android is no different as the recent tracing software which have been developed by government institutions and private organizations. An unknown hacking group has made a counterfeit Android COVID-19 tracing app which is actively being sent to the target users. This ransomware is part of the CryCryptor ransomware engine – a group of related threats. The collected sample impersonates a Canadian application. The hacking group has designed the virus in order to impersonate the application developed by Health Canada.

It is distributed using different infection methods including counterfeit messages, download sites and other types of web sources. Some of the captured versions were analyzed and the results show that the hacker group has used an open-source ransomware project hosted on GitHub as the base for the creation of the ransomware.

Related: [wplinkpreview url=”https://sensorstechforum.com/nitrohack-malware-discord-attack/”]NitroHack Malware Infects Discord Clients In Worldwide Attack

When the infection has infiltrated a given Android device the intended built-in sequence will be run. The actual file processing will partially lock down the devices and will process sensitive user data with a strong cipher. The data that will be encrypted will be stored in memory. In every location where there are affected a readme file will be crafted which includes the ransom note instructions. The victims will be manipulated into emailing the hackers to their Proton Mail inbox. When they receive an answer for them they will be manipulated into paying a decryption fee which is to be wired through cryptocurrency assets. For every individual device which has been compromised an unique ID will be assigned to every computer.

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts

Follow Me:
Twitter

Related posts:
  1. Blackrock Trojan Is a Android Malware Believed to Be Descendant from Lokibot The BlackRock Trojan is one of the newest Android Trojans...
  2. Air Canada Mobile App Data Breach: Passport Details Affected A serious data breach affecting Air Canada has been announced....
  3. Google’s Latest Android Security Update Fixes 47 Vulnerabilities Google has delivered their last and probably final Android update...
  4. “Delayed payment confirmation caused by COVID-19” Removal The “Delayed payment confirmation caused by COVID-19” scam has just...
  5. COVID-19 Vaccine Supply Cold Chain Hit by Cybercriminals The latest target of cybercriminals is the international vaccine supply...
  6. Coronavirus Tracker Android Ransomware App Removal (COVID-19 Malware) Coronavirus Tracker is an app for Android devices and it...
  7. Nissan Canada Data Breach Affects Various Customer Data The end of the year is approaching but cybercriminals know...
  8. Top 10 Worst Android Applications Draining Your Battery in 2017 You may regard Android as an amazing and well optimized...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree