CryCryptor, a new ransomware, has targeted Canadian Android users, as it has distributed through multiple websites that pose as portals for a government-backed COVID-19 tracing app.
On June 24, it has been reported by ESET that CryCryptor appeared shortly after Canada’s government announced a COVID-19 tracing app that utilizes voluntary information submitted by citizens.
Once the victim installs the fake app, the ransomware encrypts all files, leaving a “readme” note with the attacker’s e-mail instead of locking the device. For this particular attack, ransom instructions appear to only be distributed via e-mail.
However, the ransomware’s code is based on an open source project which is available through GitHub.
Experts dismiss the claim that this ransomware “project” has research purposes:
“The developers of the open source ransomware, who named it CryDroid, must have known the code would be used for malicious purposes. In an attempt to disguise the project as research, they claim they uploaded the code to the VirusTotal service. While it’s unclear who uploaded the sample, it indeed appeared on VirusTotal the same day the code was published on GitHub.”
Likewise, ESET analysts have recently created an Android decryption app for victims of CryCryptor.
Thus, they clarify that it only works with the current version.
Source: Cointelegraph | Image: The Radware Blog
Crypto News Point a news platform of Digital Notice Media Labs is primarily a regular publication of information, commentary and articles focused extensively on fintech, blockchain technology, cryptocurrency, blockchain-based tokens, cryptocurrency market trends, and trading strategies. We do not provide individually tailored investment advice and does not take a subscriber’s or anyone’s circumstances into consideration when discussing investments, nor is Crypto News Point registered as an investment adviser or broker-dealer in any jurisdiction. Information contained herein is not an offer or solicitation to buy, hold, or sell any digital assets.
Affiliate Disclosure: To help support the work we do here at CNP, we often link to products and deals from around the web. Should you buy some of these, we may get a portion of the sale.
We in generally gather content from the major websites. In every article there is always a clear link and attribution to the source publication. If you have any issue with any of our published content taken from your site, kindly let us know so that we can take appropriate action. In any case, the content of the pages of this website is for your general information and use only. It is subject to change without notice.