Phishing Emails and Malicious Apps - Adding to the Pandemic Rage
Phishing emails and malicious apps are gaining traction in the cyber world. Amidst the coronavirus outbreak, hackers are considering phishing emails and malicious apps as powerful attack vectors.
- Attackers are capitalizing on the pandemic and pushing ill-natured threat actors such as Trickbot, Agent Tesla, and Lokibot using phishing emails to trick people into clicking on malware-spiked links.
- The rise in malicious COVID-19 Android mobile apps are aimed at helping people track symptoms and virus infections. Nevertheless, the apps are also putting people’s data privacy and security at risk.
Why should you worry?
- Earlier in April, spearphishing emails were sent to targets, using the WHO trademark as a lure, to spread the LokiBot info-stealing trojan.
- The ongoing phishing campaign across the globe is employing emails that claim to be from specific officers at the Financial Industry Regulatory Authority (FINRA). The fraudulent emails target investment brokers with an aim to steal their Microsoft SharePoint and Office credentials.
- SLocker, an existing version of the Android device screen-locking malware, has been copied and repackaged in the form of a mobile COVID-19 app. The malicious Uzbek-language app, called “Koronavirus haqida” or “About Coronavirus,” locks victims’ screen, forbidding them access and asking ransom to restore regular functionalities. The malware survives a reboot and requires removal efforts via the Android Debug Bridge or Safe Mode.
- In March, the Colombian government released a mobile app, CoronApp-Colombia, on Google Play Store to help people track COVID-19 symptoms. However, the app contained vulnerabilities in HTTP communications, which impacted the privacy of over 100,000 users,
Be vigilant but not afraid
- Be wary of emails or other communications claiming to come from a public authority or legitimate domains.
- It is advisable to handle all emails related to COVID-19 with caution; avoid opening attachments.
- Government agencies must review sanctioned applications and inform people about where to download official apps.