When Apple and Google said they would jointly from tracking patients with coronavirus, they just opened Pandora’s box, from which immediately flooded hackers and other cyber criminals. A case that happened in Canada could be far more serious than just another app in order to cash in on smartphone users. As often happens, it was aimed at obtaining money, but not as is often the case — in the background through advertising and once in the forehead. Simply put, the phone of the unsuspecting user that cares about your health, you could just fail and stop working forever. What was it, what is dangerous and how not to fall into the trap of scammers?
The case, which it is impossible to tell, happened recently in Canada. It happened in the same day, when the Prime Minister Justin Trudeau has announced a voluntary nationwide application contact tracing of patients with coronavirus. Hackers have created an application extortionists, known as CryCryptor. The essence of this app is that it encrypts all the data of your smartphone and allows you to use it as long as the victim does not pay for this ”right”. To ensure that everyone understood everything on the screen will display a message with instructions. Nothing more the screen was not.
Fortunately, research group on security at ESET discovered the scheme. Currently, this application cannot be considered a mass threat, but it showed the direction of emergence of the next vulnerability. There is a substantial risk that such methods of extortion may soon become more common and start to appear around the world. Next, we consider how to avoid such problems with security and not become a victim of fraud.
The likelihood that the victim will infect your phone with this virus, depends on how loyal they are to install apps from third-party sources, i.e. not from Google Play. There, of course, also get viruses, but most often they are much more harmless. In the case of CryCryptor we can say that if you never install apps via APK, you are already protected from harm.
On Android there were apps which tricked the protection of Google Play
How to protect yourself from hackers
Those who do not understand what it’s about and is ready to install everything from third party sources, must know the schema of the attackers. First, the user visits the official website on which there is a link in Google Play Store to download the app to keep track of contacts with people infected with coronavirus. There he is invited to click on the button ”download Google Play”. In appearance it looks like for real and the victim of dulls vigilance.
After the user clicks on the button, it gets not in Google Play, but directly to the download file. As soon as it is downloaded (this happens quickly), he is immediately prompted to install it. If the phone should not prevent the installation of third party apps, it’s even easier.
Microsoft launches anti-virus for Android. Why it's a complete slag
What happens after you install viral app
When the application is installed, the user will do? Of course, it’ll activate. At this point, it will start performing its malicious task will encrypt all your phone data and will require money.
The user will get only textual information, which will tell you how to contact the scammers and pay them. If the user does not pay or does not decode the file, its data will be blocked forever.
ESET found two web sites that housed CryCryptor already closed. However it is only a matter of time before other hackers will adopt the same principle. Not to say that he had not met her before, but right now there is a reason to force the download of a specific application. The rest of the time such a fuss about something one usually does not happen.
Threat or virus CryCryptor
Fortunately, at the moment, ESET has developed a toolthat allows the victim to obtain ”antidote”, but all that being said, from time to time. The hackers who made this virus, they acted in haste and probably just didn’t manage to work out details. If the cause will take more serious professionals, the risk of serious consequences is much higher than at this time.
Many dangerous viruses for Android can be avoided if you keep an eye on the news in our Google News.
Once again we see that some of the opportunities and privileges that give us electronics manufacturers, lead to the fact that we ourselves are in danger. As it has many times been proven in practice, we need protection from ourselves. In the case described above the bait can catch even an experienced user, what is there to talk about beginners or just gullible people.
We again proved the Golden rule that the maximum you can protect yourself only by the refusal of third party applications. If you still use them, you need to understand how swing file, and be sure it is secure. Just not worth the risk.