Being cautious and updated with the latest news about the ongoing chaotic issue with COVID19 is a must for everyone. Knowing the current status for each country and reports of its spread and especially the statistics is the best defense for our protection. As the current mandate and part of the mitigation strategy of each affected country, many have declared their lockdown procedures. In line with these developments, we need to be able to keep up with all the latest news and updates. And we usually do that via the internet, using our computers and mobile devices.
The current pandemic situation did not stop the hackers from their hideous act; what’s worse is that they have used the pandemic situation as an opportunity to widen their attacks further. Cybercrime Solutions researchers confirmed the recent mobile ransomware attacks backed by their report as mobile users in some countries in Europe, and North Africa have been experiencing extortion from hackers through an App-Lock program.
As people are keen to be updated on the latest news, the attackers devised a means to infiltrate mobile phones using a Covid19 app. The app made a promise to provide updates on current news and statistics. Therefore, users immediately rushed to download it, not knowing that it’s laced with malware designed to lock their phones and hold them hostage.
To be able to unlock their phone, the mobile ransomware will urge the victim to call a specific number. Once successfully connected, the culprit will ask for the ransom money.
The threat actor expects the payment, or else the victim would not be able to use their device at all. Victims that were hooked and immediately paid as per the attackers’ demand can unlock their phones only to discover that the code is their mobile number without the plus sign (+).
In line with this attack, some Mobile App Monitoring team also confirmed that such behavior was already reported before. Calling them in general – Screen Locker malware or SLocker malware, this has become well known because of the current circumstances. For the solution of the malware removal, they advised that they can use an Android Debug Bridge software or remove the hideous app through the Safe Mode service of the mobile device.
Though it was determined that the malware is not as lethal in effect as other regular ransomware applications, this attack will leave users that are not well versed on gadgets helpless as soon as they are locked out of their device. As prudent as one can be with the latest trends and happenings, we should always be vigilant and be on the lookout for possible malicious attacks. As many have advised, only download apps from legitimate developers or manufacturers, those with secured and approved platforms. With this, we can ensure that we are one step ahead of being compromised.
