New Coronavirus Malware App Locking Android Users Out Of Their Phones - GSM-Forum

axecom · 04-12-2020, 11:08

As ever, Android‘s greatest strength has also proven to be its greatest weakness after it emerged that there’s a new malware doing the rounds, and it’s being installed by people who are going outside the Google Play Store for their apps.

Security research company DomainTools has found a new malware that takes the form of a coronavirus tracking app going by the name CovidLock.

The app, once installed, locks users out of their phones and then demands a ransom to unlock it. It wants $100 in Bitcoin within 48 hours, or everything will be erased. Oh, and it says that it will leak all of your social media accounts online.

In reality, the app is poisoned with ransomware. This Android ransomware application, previously unseen in the wild, has been titled “CovidLock” because of the malware’s capabilities and its background story. CovidLock uses techniques to deny the victim access to their phone by forcing a change in the password used to unlock the phone. This is also known as a screen-lock attack and has been seen before on Android ransomware.

There is some good news, though. As Android Central notes, one Reddit user says that they’ve been able to go code diving and as a result they know the password that unlocks everything. So, if you’ve fallen foul of this malware, just enter the password “4865083501” without the quotes and you should be back up and running.

This is yet another reminder that installing apps that aren’t available via the Google Play Store is a bad idea unless you 100% trust the source. Hopefully, this particular malware’s days are numbered.

Source: DomainTools | Via: Android Central

04-12-2020, 11:08	#1 (permalink)
axecom No Life Poster Join Date: Oct 2010 Location: Lebanon Age: 36 Posts: 1,949 Member: 1424719 Status: Offline Sonork: 100.1619833 Thanks Meter: 2,563	New Coronavirus Malware App Locking Android Users Out Of Their Phones As ever, Android‘s greatest strength has also proven to be its greatest weakness after it emerged that there’s a new malware doing the rounds, and it’s being installed by people who are going outside the Google Play Store for their apps. Security research company DomainTools has found a new malware that takes the form of a coronavirus tracking app going by the name CovidLock. The app, once installed, locks users out of their phones and then demands a ransom to unlock it. It wants $100 in Bitcoin within 48 hours, or everything will be erased. Oh, and it says that it will leak all of your social media accounts online. In reality, the app is poisoned with ransomware. This Android ransomware application, previously unseen in the wild, has been titled “CovidLock” because of the malware’s capabilities and its background story. CovidLock uses techniques to deny the victim access to their phone by forcing a change in the password used to unlock the phone. This is also known as a screen-lock attack and has been seen before on Android ransomware. There is some good news, though. As Android Central notes, one Reddit user says that they’ve been able to go code diving and as a result they know the password that unlocks everything. So, if you’ve fallen foul of this malware, just enter the password “4865083501” without the quotes and you should be back up and running. This is yet another reminder that installing apps that aren’t available via the Google Play Store is a bad idea unless you 100% trust the source. Hopefully, this particular malware’s days are numbered. Source: DomainTools \| Via: Android Central Last edited by axecom; 05-01-2020 at 10:52.