Be careful as you search for ways to get information about the ongoing coronavirus pandemic: You could inadvertently install malware or spyware on your phone.
Hackers thrive on chaos and see the current outbreak as a way to infiltrate people's devices and steal valuable information. A sign of the times: the U.S Health and Human Services Department, which is busy confronting the spread of the coronavirus, was hit with a cyberattack over the weekend. No vital information was accessed, officials said.
Cybercriminals typically try to take advantage of crises such as the coronavirus outbreak "or other events with mass media coverage to spread malware for a variety of reasons, primarily for short- or long-term gains," said Kristin Del Rosso, a security research engineer with mobile security firm Lookout.
She described the latest case: a coronavirus tracking app for Android smartphones that actually included spyware, which she described on the security firm's blog Tuesday. CNET first reported the finding.
The app, called "corona live 1.1," displayed information from the legitimate Johns Hopkins coronavirus tracker – with geographic data, and rates of infections and deaths per country – but had been "trojanized" with spyware, which basically tracked the user. It could access the device's photos, location, and other media and files, and seek permission to take pictures and record video, Del Rosso wrote.
The app did not appear in Google's Play Store, but was likely spread over social media or in third-party app stores, she says. While the app targeted Libyans, Rosso said, the malware "used in this campaign can be easily purchased and customized."
Lookout, which is one of several security firms working with Google's App Defense Alliance to analyze apps before they are made available, has seen an increase in COVID-19 themed ransomware, banking trojan, and phishing scams, Del Rosso told USA TODAY.
Concerns about misinformation and disinformation have led tech giants such as Google, Facebook, Microsoft and Twitter to team up to fight its spread. In related actions, Google last week reportedly took down an Android app developed by the Iranian government to track COVID-19 infections, but caused concerns with citizens that it was collecting their location and phone numbers, ZDNet reported.
How to avoid coronavirus-themed hackers
•'Do not panic': Del Rosso suggests that users not download apps from "unofficial app stores or from links you might get sent to you via text, even if sounds urgent. Even if you download a legitimate application from a legitimate store, and it asks for permissions you don't feel comfortable with, feel free to deny those permissions."
•Scrutinize before clicking: Be aware that apps displaying where coronavirus cases are being identified or other resources can be exploited to deliver malware, said Josephine Wolff, assistant professor of cybersecurity policy at The Fletcher School at Tufts University.
And take time to make sure something that purports to cite the Centers from Disease Control and Prevention or World Health Organization truly does. “In situations like these, when people are particularly eager for guidance or updates about an emergency situation, they may be more likely to click on links or attachments purporting to be from the WHO or CDC or other sources of reliable information," she said.
•Be vigilant: Those working in hospitals and medical facilities "may be more susceptible to ransomware attacks because they so desperately need to be up and running at full capacity right now," Wolff said.
The rest of us must be careful in opening attachments in email, downloading new software or surfing to unknown websites, she said. "If you have any doubt whatsoever about whether a message or an app is trustworthy, always better to err on the side of caution," Wolff said.
•Work at home ... with caution: As many more Americans work at home, they could be targeted by widespread hacking attempts, Lauren Weinstein, co-founder of People for Internet Responsibility, wrote on his blog Tuesday.
"Fake web sites purporting to provide coronavirus information and/or related products are popping up in large numbers around the Net," he wrote, "all with nefarious intents to spread malware, steal your accounts, or rob you in other ways."
Follow USA TODAY reporter Mike Snider on Twitter: @MikeSnider.