Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 

ESET Researchers Discover New Android Ransomware, Provide A Decryptor

A new ransomware family, which ESET detects as CryCryptor, has been targeting Android users under the guise of an official COVID-19 tracing app. ESET put an end to the attack

Sydney – June 24, 2020 - ESET researchers, thanks to a tweet announcing a discovery of what was thought to be Android banking malware, discovered a ransomware operation targeting Android users in Canada. Using two COVID-19 themed websites, the attackers behind the operation lured people to download a ransomware app disguised as an official COVID-19 tracing tool. Now, both websites are down. ESET researchers wrote a decryption tool for CryCryptor’s victims, based on a bug in the malicious app.

“CryCryptor contains a bug in its code that allows any app installed on the affected device to launch any service provided by the buggy app. So, we created an app that launches the decrypting functionality built into CryCryptor,” explains Lukáš Štefanko who conducted the research.

The targeting of the ransomware operation, including its timing, coincides with the announcement by the Canadian government of the intention to back the development of a nation-wide, voluntary tracing app to be called COVID Alert.

“Clearly, the operation using CryCryptor was designed to piggyback on the official COVID-19 tracing app,” comments Štefanko.

With the malicious websites down, security vendors aware and decryptor available, this app no longer poses a threat. However, this is true only for the one particular version of CryCryptor.

CryCryptor is based on an open source code. “We notified GitHub, where the code is hosted, but they don’t have an excellent track record in taking down malicious projects,” comments Štefanko.

ESET products provide protection against the CryCryptor ransomware, detecting it as Android/CryCryptor.A.

Besides using a quality mobile security solution, we advise Android users to install apps only from reputable sources such as the Google Play store,” concludes ESET’s Štefanko.

For more details, read the blog post “New ransomware uses COVID-19 tracing guise to target Canada; ESET offers decryptor” on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.

© Scoop Media

 
 
 
Business Headlines | Sci-Tech Headlines

 

What Lies Beneath: Is The Housing Market Turning?
Rising interest rates, combined with further tightening of credit availability appear to be dampening the enthusiasm of investors and first home buyers. While house values continue to rise, what lies beneath QV's latest figures is growing evidence that price pressure has shifted... More>>



R&NTU: KiwiRail strike notices withdrawn following new offer

Strike notices on KiwiRail have been withdrawn. Rail and Maritime Transport Union General Secretary Wayne Butson says following negotiations between the RMTU and KiwiRail, a new offer from KiwiRail will be taken back to union members for ratification... More>>



Banking: Stress Tests Show Strengthening Bank Resilience

The latest stress tests carried out by the Reserve Bank of New Zealand – Te Pūtea Matua show strengthening resilience in the banking sector and the benefits of continuing to build capital buffers... More>>



Reserve Bank: Deputy Governor Reflects On Time At RBNZ
Central bankers must continue to look forward to guard against the unpredictable, Deputy Governor Geoff Bascand says in a speech published today. Mr Bascand joined the Reserve Bank of New Zealand – Te Pūtea Matua in 2013 during the aftermath of the Global Financial Crisis... More>>


Xero: Data Reveals ICT Expenditure Key To Small Business Sales Growth
Xero, the global small business platform, today released a new report which shows New Zealand small business ICT expenditure has increased 25 percent compared to pre-pandemic levels - more than the UK (20%) and Australia... More>>


Fonterra: Lifts Forecast Farmgate Milk Price Range And Revises Earnings Guidance At First Quarter Update

Fonterra Co-operative Group today lifted its 2021/22 forecast Farmgate Milk Price range, reported a solid start to the 2022 financial year and revised its earnings guidance... More>>


Canterbury Museum: New Research - Bald Haast's Eagle Feasted On Moa Guts

New Zealand’s extinct Haast’s Eagle (Hieraaetus moorei), the largest known eagle, gulped down viscera like a vulture and may even have been bald, new research suggests... More>>