According to a report by the National Post, hackers are targeting Canadians using fake COVID-19 contact-tracing apps disguised as the official government of Canada software. Malicious computer ransomware is said to be embedded in these apps that allows the hackers to hijack the user’s data and holds it for ransom.
According to computer security firm ESET, the bogus app was advertised as Health Canada-approved and was cleverly distributed through coronavirus-themed websites that look just like the official government of Canada websites.
Installing the fake COVID-19 contact-tracing app activates a hidden program called CryCryptor that hijacks the user’s confidential data. Hackers then demand payment for releasing these private data files.
ESET has already alerted the Canadian Centre for Cyber Security, a government computer security agency that is part of the Communications Security Establishment.
“Once the user falls victim to CryCryptor, the ransomware encrypts the files on the device — all the most common types of files — but instead of locking the device, it leaves a ‘readme’ file with the attacker’s email in every directory with encrypted files,” said Lukáš Štefanko, an ESET malware researcher.
The fake government websites distributing the app went offline shortly after being reported to the Canadian Centre for Cyber Security.