September 22, 2020

NITB warns citizens of a ransomware app pretending to be Coronavirus update app

March 17, 2020 – The National Information Technology Board (NITB) issued a Cyber Threat Alert on March 16, warning people about a ransomware app claiming to be providing updates on Coronavirus.

According to NITB, the Android app titled “Coronavirus Pandemic Updates” downloadable through the URL http://coronavirusapp[.]site/ pretends to be providing latest information on the epidemic engulfing the world.

This app appears to be employing ransomware technology which engages, according to dictionary definition, “a type of malicious software designed to block access to a computer system until a sum of money is paid.” As soon as the user opens this app on their device, their access to their phone’s operating system and data on it is lost, and the user will be asked to pay a certain amount of money in order to gain access to the device again. NITB advises people to not download or install this app or other similar apps.

The app shows the heat map, statistical information and live updates on the Coronavirus from around the world, but in reality it’s infecting the mobile phone, and forces users to change their screen-lock, also known as screen-lock attack, which has been used in the past to block Android devices for ransom.

According to Techworm – an online technology magazine, “Once the ransomware performs a screen-lock attack, victims are given a 48-hour deadline to pay a $100 ransom in bitcoin to remove the lock. They are also threatened that their contacts, pictures, videos, and phone’s memory would be erased as well as their social media accounts would be leaked publicly.”

The ransomware software claims, “Note: Your GPS is watched and your location is known. If you try anything stupid your phone will be automatically erased.” 

Ransomware apps like this are used to hack people’s devices and data in order to extort money. This particular app misuses a global epidemic for its own criminal activities which is not just morally troubling, but is also a violation of privacy of individuals.

Previously, ransomware like WannaCry crippled the digital infrastructure of corporations worldwide by infecting their servers with the malicious software, and demanding millions of dollars worth of money in exchange for the removal of the said software.

Where social media is playing an essential role in spreading awareness around the pandemic, individuals will have to be careful in what they choose to access and believe on the internet. Even when the world is dealing with a deadly virus, it’s important more than ever to critically analyse any information that is sent your way. Only trust and forward the information that is coming through an authentic source, like the websites setup by the government (NITB recommends: http://app.nhsrc.gov.pk/)  or resources published by the World Health Organisation (WHO) on their website: https://www.who.int/health-topics/coronavirus.

Written by

Hija is a Programs Manager at Media Matters for Democracy. She combines her experience in digital rights in Pakistan to lead digital rights and internet governance advocacy of MMfD. She tweets at @hijakamran

No comments

leave a comment