As countries around the world have begun providing Covid-19 touch tracking programs to their citizens, cybercriminals have taken the opportunity to distribute Android malware, according to a new report from EclecticIQ and ThreatFabric.
Researchers from corporations and others have known Android malware disguised as official touch search programs for Colombia, India, Singapore and Indonesia. Surprisingly, the Indian pattern was released just thirteen days after the official Indian touch search app was available on the Google Play Store.
After analyzing the samples, EclecticIQ and ThreatFabric discovered that they were the fundamental and open source malware SpyMax, SpyNote and Aymth. Attackers have also repackaged programs with Metasploit to give them remote access features to Trojans.
To distribute their malicious touch search apps, cyber-criminals relied on phishing links designed to trap users to install their apps.
Based on the findings of the EclecticIQ and ThreatFabric report, it is almost certain that risk actors will continue to use open source and commodity-based malware disguised as valid touch search programs for monetary purposes.
The low access barrier presented through these tools, combined with the continued rollout of tactile search programs in countries around the world, presents an ongoing monetary opportunity for cyber criminals in the near future.
ElecticIQ’s Fusion Center electronic intelligence specialist Peter Ferguson explained in a press release that users only download Covid-19 touch tracking apps from official app stores, saying:
“Users never download Android touch search apps from links sent to them or from third-party stores. If you need to download the touch search app from your country, use the official online page or Google Play Store.”
Throughout the pandemic, cybercriminals have continually tried to take advantage of the disruption it has caused around the world via Covid-19 as a decoy to trap users to install malware on their devices. They will probably continue to launch similar campaigns because of their good luck so far. This means that businesses and consumers will need to stay on the lookout for Covid-19 threats and scams.
Sign up for the latest news, reviews, reviews, research and more, as well as generation offers!
Thank you for registering with TechRadar. You will soon receive a verification email.
There’s a problem. Refresh the page and re-consult.
TechRadar is from Future plc, a foreign media organization and a leading virtual publishing house. Visit our corporate website.