Ransomware disguises as federal pandemic contact tracing app

Malicious actors create website posing as official site for coronavirus contact tracing app

Ransomware disguises as federal pandemic contact tracing app


By Lyle Adriano

Following Prime Minister Justin Trudeau’s recent announcement that the federal government is working on a COVID-19 tracing app, two fake websites have offered downloads of a fraudulent version of the app, which installs ransomware on users’ devices.

According to a report from security vendor ESET, which first discovered the ruse, the fake websites were designed to look like official federal government sites. The websites were quickly created after Trudeau announced plans for a contact tracing app on June 18.

“The sites use convincing domains and are lacking the typical spelling mistakes that usually make it easy for a discerning eye to spot it as a risk,” ESET explained.

The app offered on the fake websites contains Android ransomware called CryCyptor, which locks smartphone users from their phone by encrypting the files on the device. The malware then instructs victims to email the attackers “to discuss recovery,” ESET noted.

ESET said that it had notified the federal Canadian Centre for Cyber Security about the fake websites. The security vendor also told IT World Canada in an interview that the two sites – which were hosted in the Netherlands – have since been taken down.

The Canadian Centre for Cyber Security confirmed in a recent statement that it had worked with a “commercial partner” to take down the two websites.

“Throughout the global COVID-19 pandemic, the Cyber Centre has worked closely with industry partners and commercial and international cyber response teams to facilitate the removal of malicious websites, including those that have spoofed Canadian Government departments and agencies,” the agency said. “These efforts have resulted in the removal of a significant number of Canadian themed fraudulent sites that were designed specifically for malicious cyber activity, such as phishing and malware delivery.”

The agency additionally advised that Canadians be vigilant about any fake and malicious websites and/or applications related to COVID-19.

ESET has also recommended smartphone users to only download apps from official sources such as Google Play or Apple stores.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!