Anomali Threat Research Detects Fake COVID-19 Contact Tracing Apps Spreading Malware
Anomali, a provider of intelligence-driven cybersecurity solutions, today announced that threat actors are using fake COVID-19 contact tracing apps to infiltrate Android devices. After being downloaded, the apps install malware that can be used to steal data and conduct device surveillance. Governments around the world are working with app developers to provide legitimate COVID-19 tracing apps as part of their efforts to reduce the spread of the virus that is causing the global pandemic. Because contact tracing app programs are in widespread use and highly publicized, the likelihood that threat actors will try and capitalize on government programs will continue to increase.
The Anomali Threat Research (ATR) team identified 12 fake apps targeting citizens in Armenia, India, Brazil, Chhattisgarh, Columbia, Indonesia, Iran, Italy, Kyrgyzstan, Russia, and Singapore. The fake health-surveillance apps are downloading Anubis and SpyNote malware, and other instances of generic malware. Anubis is an Android banking trojan that utilizes overlays to access infected devices and then steal user credentials. SpyNote is an Android trojan used for gathering and monitoring data on infected devices. We believe the threat actors are distributing the malicious apps via other apps, third-party stores, and websites, among other channels.
Anomali Threat Research emphasizes that public and private sectors should use technology to assist in handling the crisis wherever possible, adding that we cannot overlook the fact that technology creates risk. Cybersecurity concerns must be addressed, as this research shows that threat actors are attempting to capitalize on these technology initiatives for malicious purposes.
In addition to this research, Anomali has identified more than 6,000 COVID-19 Indicators of Compromise (IOCs) that flooded the internet in the days following emergence of the pandemic. These are available to our customers via their licenses and open sourced to the security community.
Recommended AI News: Nimbix Expands Hybrid Cloud HPC Software Platform