New ransomware masquerading as COVID-19 tracing app

CryCryptor targeting Android users in Canada; ESET researchers find decryption tool for victims of cyberattack

A man holds a laptop computer as cyber code is projected on him (photo credit: KACPER PEMPEL/REUTERS)
A man holds a laptop computer as cyber code is projected on him
(photo credit: KACPER PEMPEL/REUTERS)
 New ransomware is being used in cyber-attacks under the guise of an official Canadian COVID-19 tracing app, security researchers from ESET announced this past week.
"CryCryptor," the new ransomware has been targeting Android users in Canada and is being distributed via two websites under the pretext of an official COVID-19 tracing app provided by Health Canada.  The researchers said the ransomware surfaced just a few days after the Canadian government officially announced its backing of a nation-wide voluntary tracing app called COVID Alert.
The app is set for testing in the province of Ontario beginning next month.
ESET said in a post on its website that it had informed the Canadian Centre for Cyber Security about the threat.
"Once the user falls victim to CryCryptor, the ransomware encrypts the files on the device – all the most common types of files – but instead of locking the device, it leaves a “readme” file with the attacker’s email in every directory with encrypted files," ESET website stated.
Fortunately, ESET researchers were able to create a decryption tool for victims of this ransomware attack.
Read more from Cybertech News: https://www.israeldefense.co.il/en/categories/cybertech