CryCyptor ransomware poses as a government-backed COVID-19 Android tracing app to deploy its attack.
A new ransomware called CryCryptor is targeting Canadian Android users. It is distributed via multiple websites that pose as portals for a government-backed COVID-19 tracing app.
According to research published by ESET on June 24, CryCryptor appeared shortly after Canada’s government announced a COVID-19 tracing app that utilizes voluntary information submitted by citizens.
Source: ESET
Once the victim installs the fake app, the ransomware encrypts all files, leaving a “readme” note with the attacker’s email instead of locking the device. For this particular attack, ransom instructions appear to only be distributed via email.
An open source ransomware
The ransomware’s code is based on an open source project which is available through GitHub. Experts dismiss the claim that this ransomware “project” has research purposes:
“The developers of the open source ransomware, who named it CryDroid, must have known the code would be used for malicious purposes. In an attempt to disguise the project as research, they claim they uploaded the code to the VirusTotal service. While it’s unclear who uploaded the sample, it indeed appeared on VirusTotal the same day the code was published on GitHub.”
ESET analysts have recently created an Android decryption app for victims of CryCryptor. They clarify that it only works with the current version.
On April 28, Cointelegraph reported that cybercriminals have been posing as the FBI in an effort to defraud Android users.
Earlier this year, a study published by the Colombian Chamber of Informatics and Telecommunications revealed that in 2019, 89% of malware on Android in the country included code for crypto mining.
Source: , CoinTelegraph
Articles listed with Cash Tech News as the author are either general information, or may have been imported from another website, to bring our readers a rich media experience that encompasses articles that we find interesting, as well as those curated by others.
The views and opinions expressed here are for informational purposes only, and should not be confused with professional financial advice. These opinions are solely those of the author and do not necessarily reflect the views of CashTechNews.com. Every investment and trade involves risk. You should conduct your own research, and contact your professional financial advisor before making any investment.
Corrections, feedback, and ideas should be submitted through the website contact form.