skip to Main Content
bitcoin
Bitcoin (BTC) $ 95,935.70 1.68%
ethereum
Ethereum (ETH) $ 3,326.95 1.55%
tether
Tether (USDT) $ 1.00 0.18%
xrp
XRP (XRP) $ 2.25 0.31%
bnb
BNB (BNB) $ 658.30 1.06%
solana
Solana (SOL) $ 182.56 0.99%
dogecoin
Dogecoin (DOGE) $ 0.319433 1.65%
usd-coin
USDC (USDC) $ 1.00 0.17%
staked-ether
Lido Staked Ether (STETH) $ 3,321.88 1.65%
cardano
Cardano (ADA) $ 0.895438 2.01%

COVID-19 Ransomware Plagues Canadian Android Users

CryCyptor ransomware poses as a government-backed COVID-19 Android tracing app to deploy its attack.

1581 Total views

18 Total shares

COVID-19 Ransomware Plagues Canadian Android Users

A new ransomware called CryCryptor is targeting Canadian Android users. It is distributed via multiple websites that pose as portals for a government-backed COVID-19 tracing app.

According to research published by ESET on June 24, CryCryptor appeared shortly after Canada’s government announced a COVID-19 tracing app that utilizes voluntary information submitted by citizens.

Source: ESET

Source: ESET

Once the victim installs the fake app, the ransomware encrypts all files, leaving a “readme” note with the attacker’s email instead of locking the device. For this particular attack, ransom instructions appear to only be distributed via email.

An open source ransomware

The ransomware’s code is based on an open source project which is available through GitHub. Experts dismiss the claim that this ransomware “project” has research purposes:

“The developers of the open source ransomware, who named it CryDroid, must have known the code would be used for malicious purposes. In an attempt to disguise the project as research, they claim they uploaded the code to the VirusTotal service. While it’s unclear who uploaded the sample, it indeed appeared on VirusTotal the same day the code was published on GitHub.”

ESET analysts have recently created an Android decryption app for victims of CryCryptor. They clarify that it only works with the current version.

On April 28, Cointelegraph reported that cybercriminals have been posing as the FBI in an effort to defraud Android users.

Earlier this year, a study published by the Colombian Chamber of Informatics and Telecommunications revealed that in 2019, 89% of malware on Android in the country included code for crypto mining.

Loading data ...
Comparison
View chart compare
View table compare
Back To Top