New type of ransomware targets Canadian Android users

 

A new ransomware called, CryCryptor, targets Canadian Android users. It is distributed through multiple websites, which pose as portals for a government-backed COVID-19 tracking application.

According to research published by ESET, on June 24, CryCryptor appeared shortly after the Canadian government announced a COVID-19 tracking application that uses information volunteered by citizens.

Coinbase welcomes Compound to its platform

 

Once the victim has installed the fake application, ransomware encrypts all of his files, leaving a „read me“ note with the attacker’s email instead of blocking the device. For this particular type of attack, rescue instructions seem to be distributed only by email.

Digital payments: Bitso Transfer service to be introduced in Argentina
An open source ransomware
The code of this ransomware is based on an open source project that is available through GitHub. Experts reject claims that this ransomware „project“ is for research purposes:

„The developers of this open source ransomware, which they called CryDroid, must have known that the code would be used for malicious purposes. In an attempt to disguise the project as research, they claimed to have uploaded the code to the VirusTotal service. While it is not clear who uploaded the sample, in fact the code appeared on VirusTotal the same day the code was posted on GitHub.

ESET analysts have recently created a Bitcoin Compass for Android, this application is focused on helping CryCryptor victims. They clarify that it only works with the current version of ransomware.

The latest Eth 2.0 test network being released
On April 28, Cointelegraph reported that a cybercriminal was posing as the FBI in an effort to steal from users of Android devices.

Earlier this year, a study published by the Colombian Chamber of Computing and Telecommunications revealed that by 2019, 89% of malware on Android devices in the country included code for crypto-mining.

Comments are closed, but trackbacks and pingbacks are open.