GO Ad-Free for $1.99/m I 7-Day Trial
Samsung sale live
The Samsung Store kicks off its annual Discover Spring Sale, slash the price on an S25 Ultra by up to 75% now.
00 days
00 hrs
00 mins

DELETE this app right now: Coronavirus tracker locks Android phones, demands ransom

By
2comments
Google News Follow
Follow us on Google News
Android
DELETE this app right now: Coronavirus tracker locks Android phones, demands ransom
Update: According to Reddit user luca020400, the hard-coded password is "4865083501".

The world is paralyzed in the clutches of the COVID-19 pandemic right now, and a number of wrongdoers are trying their best to benefit from the panic and confusion that's running rampant. Aside from speculation and price-gouging with scarce hygiene products, scalpers are trying to take away one of the vital mediums of information spread - your smartphone. 

A seemingly-useful Android app that claims to be showing the spread of coronavirus in your general area is reportedly locking users out of their devices and requiring ransom to unlock the phones. The so-called CovidLock ransomware takes advantage of a security flaw and creates a bespoke screen lock password that the user can't guess on their own. 

The malicious app claims to show a heatmap with COVID-19 cases around the user and is not found on the Google Play Store. Instead, it was hosted at the coronavirusapp[.]site domain. A kind reminder that downloading unsigned apps from outside the Play Store is not recommended. 

Newly discovered ransomware performs a screen-lock attack by forcing a change in the password required to unlock a phone, explains DNS threat intelligence company DomainTools today in a blog post authored by Tarik Saleh, senior security engineer and malware researcher. For Android Nougat devices and later versions, the attack only works if the user has never bothered to set a screen lock password in the first place. However, older devices are more vulnerable to the flaw. 


Once a phone gets infected by the coronavirus tracker, the unlucky users are asked for a $100 in bitcoin to be paid within 48 hours in order to remove the custom screen lock. Staying true to their lowly methods, the attackers are also threatening the victims to claim hold of their personal data, like photos, videos, social media accounts, and so on, as well as claiming they have a hold of their GPS location at all times and could remotely wipe the infected Android phone.  

DELETE this app right now: Coronavirus tracker locks Android phones, demands ransom

“Note: Your GPS is watched and your location is known. If you try anything stupid your phone will be automatically erased,” claims the pathetic ransomware app.

“Cybercriminals like to exploit people when they are at their most vulnerable. They use dramatic events that cause people to be emotional or fearful to drive their profits,” said Saleh. “The coronavirus is no different. Shortly after the first cases were confirmed, DomainTools’ researchers observed a minor uptick in domain names leveraging Coronavirus and COVID-19. These registrations have peaked significantly in the past few weeks and many of them are scams.”


To protect yourself, don't download any shady apps outside of the Play Store and don't buy into the panic!
Create a free account and join our vibrant community
Register to enjoy the full PhoneArena experience. Here’s what you get with your PhoneArena account:
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Build your personal phone library
Register For Free
https://m-cdn.phonearena.com/images/users/90-200/Peter-K.jpg
Peter Kostadinov Senior Reviews Writer
Peter, an experienced tech enthusiast at PhoneArena, is captivated by all things mobile. His impartial reviews and proficiency in Android systems offer readers valuable insights. Off-duty, he delves into the latest cryptocurrency trends and enjoys sci-fi and video games.
Loading Comments...

Popular stories

Lightning is about to strike loyal T-Mobile customers again
Lightning is about to strike loyal T-Mobile customers again
T-Mobile customers are walking out because of stupid policy but employees are getting castigated
T-Mobile customers are walking out because of stupid policy but employees are getting castigated
Don't be surprised if you receive $25,000 from T-Mobile in April
Don't be surprised if you receive $25,000 from T-Mobile in April
Verizon makes a huge announcement to put minds at ease
Verizon makes a huge announcement to put minds at ease
Google takes the battle to scammers with a new groundbreaking feature for Android and Pixel phones
Google takes the battle to scammers with a new groundbreaking feature for Android and Pixel phones
Your next phone may come from T-Mobile with one big edge over current devices
Your next phone may come from T-Mobile with one big edge over current devices

Latest News

iPhone 16e has MagSafe - if you believe hard enough
iPhone 16e has MagSafe - if you believe hard enough
Apple's surprising new iPad Air packs M3 power in 11 and 13-inch sizes at unchanged prices
Apple's surprising new iPad Air packs M3 power in 11 and 13-inch sizes at unchanged prices
Pixel 10’s rumored new assistant might have Apple wishing Siri was ready sooner
Pixel 10’s rumored new assistant might have Apple wishing Siri was ready sooner
Samsung is offering an irresistible Galaxy S25 discount with no strings attached at last
Samsung is offering an irresistible Galaxy S25 discount with no strings attached at last
Galaxy S26 Ultra could get this beastly new 5G modem - Apple, you paying attention?
Galaxy S26 Ultra could get this beastly new 5G modem - Apple, you paying attention?
This foldable phone goes global and it makes the Galaxy Z Flip 6 look like a luxury tax
This foldable phone goes global and it makes the Galaxy Z Flip 6 look like a luxury tax
FCC OKs Cingular\'s purchase of AT&T Wireless