Fake and malicious coronavirus mobile tracking apps could spread amid pandemic

The CDC and a new study look at how long the coronavirus can live on surfaces. USA TODAY

Fake and malicious coronavirus mobile tracking apps could spread amid pandemic

Be careful as you search for ways to get information about the ongoing coronavirus pandemic: You could inadvertently install malware or spyware on your phone.

Hackers thrive on chaos and see the current outbreak as a way to infiltrate people's devices and steal valuable information. A sign of the times: the U.S Health and Human Services Department, which is busy confronting the spread of the coronavirus, was hit with a cyberattack over the weekend. No vital information was accessed, officials said.

Cybercriminals typically try to take advantage of crises such as the coronavirus outbreak "or other events with mass media coverage to spread malware for a variety of reasons, primarily for short- or long-term gains," said Kristin Del Rosso, a security research engineer with mobile security firm Lookout.

She described the latest case: a coronavirus tracking app for Android smartphones that actually included spyware, which she described on the security firm's blog Tuesday. CNET first reported the finding.

The app, called "corona live 1.1," displayed information from the legitimate Johns Hopkins coronavirus tracker – with geographic data, and rates of infections and deaths per country – but had been "trojanized" with spyware, which basically tracked the user. It could access the device's photos, location, and other media and files, and seek permission to take pictures and record video, Del Rosso wrote.

The app did not appear in Google's Play Store, but was likely spread over social media or in third-party app stores, she says. While the app targeted Libyans, Rosso said, the malware "used in this campaign can be easily purchased and customized."

Lookout, which is one of several security firms working with Google's App Defense Alliance to analyze apps before they are made available, has seen an increase in COVID-19 themed ransomware, banking trojan, and phishing scams, Del Rosso told USA TODAY.

Concerns about misinformation and disinformation have led tech giants such as Google, Facebook, Microsoft and Twitter to team up to fight its spread. In related actions, Google last week reportedly took down an Android app developed by the Iranian government to track COVID-19 infections, but caused concerns with citizens that it was collecting their location and phone numbers, ZDNet reported.

How to avoid coronavirus-themed hackers

•'Do not panic': Del Rosso suggests that users not download apps from "unofficial app stores or from links you might get sent to you via text, even if sounds urgent. Even if you download a legitimate application from a legitimate store, and it asks for permissions you don't feel comfortable with, feel free to deny those permissions."

•Scrutinize before clicking: Be aware that apps displaying where coronavirus cases are being identified or other resources can be exploited to deliver malware, said Josephine Wolff, assistant professor of cybersecurity policy at The Fletcher School at Tufts University.

And take time to make sure something that purports to cite the Centers from Disease Control and Prevention or World Health Organization truly does. “In situations like these, when people are particularly eager for guidance or updates about an emergency situation, they may be more likely to click on links or attachments purporting to be from the WHO or CDC or other sources of reliable information," she said.

•Be vigilant: Those working in hospitals and medical facilities "may be more susceptible to ransomware attacks because they so desperately need to be up and running at full capacity right now," Wolff said.

The rest of us must be careful in opening attachments in email, downloading new software or surfing to unknown websites, she said. "If you have any doubt whatsoever about whether a message or an app is trustworthy, always better to err on the side of caution," Wolff said.

•Work at home ... with caution: As many more Americans work at home, they could be targeted by widespread hacking attempts, Lauren Weinstein, co-founder of People for Internet Responsibility, wrote on his blog Tuesday.

"Fake web sites purporting to provide coronavirus information and/or related products are popping up in large numbers around the Net," he wrote, "all with nefarious intents to spread malware, steal your accounts, or rob you in other ways."

Follow USA TODAY reporter Mike Snider on Twitter: @MikeSnider.

Source: https://www.usatoday.com/story/tech/2020/03/18/spyware-apps-mobile-phones-could-spread-amid-coronavirus-pandemic/2865792001/

News Related

ORTHER NEWS

Trump’s ‘mission accomplished’ moment is premature and deadly. We have not defeated COVID.

Desperate for crowds and adoration, Trump has put his most fervent supporters at risk of getting a deadly disease. Future historians will be astonished. Read more »

NFLPA president JC Tretter says NFL is putting season, players at risk with its coronavirus approach

NFL Players Association president JC Tretter said Tuesday the NFL is putting the 2020 season at risk with its coronavirus approach, calling on the league to better “prioritize player safety.” “Like many other... Read more »

Brazilian President Jair Bolsonaro says he tested positive for the coronavirus

RIO DE JANEIRO (AP) — Brazil’s President Jair Bolsonaro says he has tested positive for COVID-19 after months of downplaying the virus’ severity. Bolsonaro confirmed the test results while wearing a mask and... Read more »

Venice Film Festival forges ahead amid COVID-19 pandemic with reduced lineup

The show will go on for the Venice Film Festival in September, but with a few modifications due to the COVID-19 pandemic. Organizers said Tuesday that they are pushing forward with plans for... Read more »

Amtrak offers buy-one, get-one promotion on its sleeper trains amid COVID-19 — with a catch

Amtrak wants you to have sweet dreams the next time you travel — so much so that it’s sweetening the deal on its sleeper “roomettes.” The rail service is offering a buy-one-get-one-free discount... Read more »

Florida teen treated with hydroxychloroquine at home before dying of COVID-19, report says

FORT MEYERS, Fla. – The family of a 17-year-old Florida girl who died last month from COVID-19 treated her symptoms at home for nearly a week before taking her to a hospital, a... Read more »

Mookie Betts worried MLB coronavirus testing woes could prevent him from ever playing for Dodgers

During nearly four months away from the game, Mookie Betts said he “stayed away from baseball to keep myself sane.” It’s not hard to understand why. The 2018 American League Most Valuable Player... Read more »

Tom Hanks doesn’t get ‘how common sense has somehow been put into question’ with coronavirus

Read more »

Can Gov. DeSantis force Florida schools to reopen amid the coronavirus pandemic? Some school leaders seem doubtful.

PALM BEACH, Fla. — As concern about the state order spread online, some school leaders said: Not so fast. As Florida educators puzzle over how to start the new academic year, Gov. Ron... Read more »

Texas surpasses 200,000 coronavirus cases after 4th of July holiday weekend

AUSTIN, Texas – Texas reached 200,000 total COVID-19 cases Monday, just 17 days after crossing the 100,000 threshold, a figure that took the state nearly four months to hit. The grim milestone came... Read more »