New Ransomware Masquerading as COVID-19 Tracing App

CryCryptor targeting Android users in Canada; ESET researchers find decryption tool for victims of cyberattack

Photo: Bigstock

New ransomware is being used in cyber-attacks under the guise of an official Canadian COVID-19 tracing app, security researchers from ESET announced this past week.

"CryCryptor," the new ransomware has been targeting Android users in Canada and is being distributed via two websites under the pretext of an official COVID-19 tracing app provided by Health Canada.  The researchers said the ransomware surfaced just a few days after the Canadian government officially announced its backing of a nation-wide voluntary tracing app called COVID Alert.

The app is set for testing in the province of Ontario beginning next month.

ESET said in a post on its website that it had informed the Canadian Centre for Cyber Security about the threat.

"Once the user falls victim to CryCryptor, the ransomware encrypts the files on the device – all the most common types of files – but instead of locking the device, it leaves a “readme” file with the attacker’s email in every directory with encrypted files," ESET website stated.

Fortunately, ESET researchers were able to create a decryption tool for victims of this ransomware attack.

You might be interested also

Russian President Vladimir Putin chairs a meeting of his country's Security Council. Photo: Reuters

The Russian Constitutional Referendum of July 1, 2020

Commentary: What does President Putin want to achieve with his constitutional reform? Centralization of true power in his hands, up to two terms and even beyond but, on the other hand, distribution regulated by the central power to the regional governments. A new configuration of power in Russia until Putin finds his true heir apparent. If he ever finds him, of course.