There seems to be a race going on every government to come up with a contact tracing app, and another part of the scene are threat actors who could also come up with a copycat app. It is undoubtedly a copycat that may exist on every legitimate application when somehow someone tries to exploit the apps. Covid19 apps are a notion to breach privacy, discrimination, and marginalization.
On March 9, Colombia’s president, Ivan Duque, announced the launch of the CoronApp-Colombia app as a way for Colombians to send health updates and receive coronavirus news. It uncovered that the app, which has over 100,000 users, exposes user data. This includes passport numbers, passwords, and self-disclosed health information. The CoronApp-Colombia app had a vulnerability where it was sending Personal Health Information (PHI) and Personally Identifiable Information (PII) data in plaintext.
An Italian app is traced to have 12 malicious APKs that is impersonating a genuine app called SM-COVID-19. The malicious campaign’s goal is to infect smartphones with backdoor malware that runs on startup when the Android device reboots. The attack campaign uses reverse TCP tunnels, the testing framework Metasploit penetration, and tools based on msfvenom to infect individuals. There are also legitimate, official coronavirus app that was similarly lacking in TLS security. However, the usage of some technology raises multiple privacy concerns as well.
The Iran Government launched a mobile app that claimed to be able to diagnose coronavirus infection. Still, what it mainly does is collecting location data of millions of citizens, essentially acting as a backdoor so the government can track its people in real-time.
Israel commissioned to use the app to secretly collect cellphone data that is usually utilized for counterterrorism.
The application deployed by the Iranian government, and made available via an app store called CafeBazaar, was harvesting personal info & tracking citizens instead of disseminating information on the coronavirus.
A fake application called CoronaApp was found available at coronaapp.ir, ready for direct download. This unofficial download website is linked to multiple news related websites, Telegram groups, and social media network posts. It is still unknown how the app arrived there and how far it has been distributed.
No known malware and spyware protection can prevent someone from being compromised. It is essential to get your downloadable apps from official app stores, always read apps review, look at who developed the app, quality check on the apps store from bad graphics, grammar, and spelling. If you have raised doubt, think twice before downloading.