As the coronavirus spreads, several hackers have seen it as an opportunity to make some extra cash. They have been taking advantage of people’s need to find information and using that to steal from them. To do this, they are using a simple but effective trick. Users are tricked into installing a malicious app that is supposed to help them track COVID-1 cases.
The Scam Has Been Uncovered
Once a user installs the app on their phone, they are locked out and the hackers demand a $100 ransom to help them unlock their device. This scam was uncovered by DomainTools and they posted a blog post describing it. The researchers promised that as soon as they reverse-engineered the CovidLock ransomware, they would release the key free.
When they began working on how to unlock the ransomware, they succeeded quite quickly. They discovered that scammers had hardcoded a decryption key into the ransomware. The researchers said that they are not sure if this is the only decryption key. However, if a victim pays the ransom, it is the key, which they receive. The main point is that it does work and that is what matters.
The researchers shared the unlock code publicly via a tweet. According to the tweet, anyone who installed the infected COVID-19 tracking app should use the code "4865083501" to unlock his or her device. They added that the key was hardcoded into the app, which means it will work for everyone.
No One Fell for the Scam
The DomainTools researchers wrote a technical paper regarding the ransomware. In the paper, they noted that no one appears to have sent BTC to the Bitcoin address that came with CovidLock. As a result, it would appear that the criminals spent all their time and effort doing something that proved to be of no profit to them eventually.
Remember the Key
The key provided by the researchers is “4865083501.” If your android device had already been locked but you were unwilling to pay the ransom, you can now easily unlock it with this key. You will discover that all your data is unlocked and you can delete the app.
How to Stay Safe
The app is not effective against Android Nougat. As a result, if your device can be upgraded to Nougat, you should do it today. Besides that, the researchers advise people to set up a strong password. Otherwise, the protection will not work if you do not set a password. This is important since the hackers might try again under a new name and using a new code.
Besides that, you should only download your apps from the main Google Play Store. If the app does not qualify to be on the Play Store, it is probably because of security concerns. Additionally, you should get all your data from trusted government sites. The WHO site offers regular updates on the spread of COVID-19.
If you follow the basic anti-phishing recommendations, you should be quite safe. These are not smart criminals targeting people. They are just opportunistic criminals.
Image Source: Pixabay