Author Topic: Fake Contact Tracing Phone Apps with crypto locking malware  (Read 82 times)

0 Members and 1 Guest are viewing this topic.

Offline ssfc72

  • Posting Member
  • Hero Member
  • *
  • Posts: 1323
A number of very authentic looking websites have been shut down, that were pretending to be government of Canada sites with Android Apps with Contact Tracing for the COVID virus.

https://nationalpost.com/news/canada/hackers-target-canadians-with-fake-covid-19-contact-tracing-app-disguised-as-official-government-software

The lesson here is, not to download any such type of App, unless it is found in the Google Play Store.
« Last Edit: June 25, 2020, 07:20:57 am by ssfc72 »
Mint 18.3 on an HP Pavilion X360, 11" k120ca notebook
Tried Mint 19, but too many bugs. Went back to Mint 18.3
Cellphone ZTE Axon 7 Mini, PCMobile pay as you go

Offline Jason Wallwork

  • President
  • Administrator
  • Hero Member
  • *****
  • Posts: 2848
Re: Fake Contact Tracing Phone Apps with crypto locking malware
« Reply #1 on: June 25, 2020, 01:51:37 am »
There's always somebody taking advantage of every situation. It's sad, really.

What I find odd about this is that if the app had to be downloaded from outside the Google store, you would get a warning when you tried to do this, that it's risky or potentially dangerous to do so.

Android 9 seems to be particularly careful. On my phone which uses Android 9, it gives you 3 warnings. One when you download, one to tell you that you can't run the app from outside sources unless you click settings and then toggle it. Under that toggle is another warning. I didn't' think in Android 7 and 8 that you could even install outside apps unless you turned on developer mode under system settings first but maybe it asks you, too (see below how you can check). So these websites that get people to download these malware apps have to convince users to bypass the warning(s).

Sometimes, you can only get apps outside the store. You just have to be very careful from where you get them. For example, F-Droid is an app that is a catalogue of FOSS (Free and Open Source Software) applications. There are others. I don't know the reasoning other than that the Google store requirements are too stringent in some cases for certain projects.

Btw, there is an actual app from the Government of Canada related to COVID-19. It mainly offers a daily check (for Health Canada data), an assessment and recent media releases from different levels of government. I find the last part to be the most useful.
"With all its sham, drudgery, and broken dreams, it is still a beautiful world." - Max Ehrmann, Desiderata

Offline ssfc72

  • Posting Member
  • Hero Member
  • *
  • Posts: 1323
Re: Fake Contact Tracing Phone Apps with crypto locking malware
« Reply #2 on: June 25, 2020, 07:23:20 am »
Good info, Jason, thanks.
Mint 18.3 on an HP Pavilion X360, 11" k120ca notebook
Tried Mint 19, but too many bugs. Went back to Mint 18.3
Cellphone ZTE Axon 7 Mini, PCMobile pay as you go