Cybercriminals Take Advantage of COVID Pandemic
At a time when millions of people have to communicate with colleagues, friends, and family members remotely via video conferencing apps, cybercriminals are looking for new opportunities. Some people in need of socialization found their devices locked by villains demanding a ransom in BTC. Sadly, in all the cases highlighted below, we will see how mean people try to exploit the anonymity of cryptocurrencies.
The Zoom app is not safe. That's old news. There have been many reports of pranksters breaking into Zoom conferences and causing chaos. On top of that, it was discovered that Zoom can't be fully removed from a Mac in the regular way. These red flags have already prompted some people to stay away from Zoom. However, the general public still uses it. Zoom became very popular in a short span of time and is currently one of the most downloaded apps. It is no surprise that criminals did not miss the opportunity to use the hype around a vulnerable application to make dirty money.
The LA Times has reported the following story. Two Kolkata-based professionals lost access to the data on their computers. The data was encrypted. Both men received emails with an ultimatum. The criminals demanded a ransom in cryptocurrency, $1,000 worth of Bitcoin, as the condition for restoring access to the data. The emails contained a link for purchasing BTC. The criminals threatened that non-compliance with their conditions or an attempt to call the police would lead to the outright loss of the encrypted data.
Nevertheless, the victims reported the case to the police. It is now under investigation by the Special Task Force (STF) in association with the cyber-crime department. So far, the role of the Zoom app is not totally clear, but the investigators have no doubt that the hacking was carried out using Zoom vulnerabilities.
Coinminer In the Zoom Installer
Now let's take a look at another example of how the popularity of the Zoom app can harm careless users. The Trend Micro blog reports that cybercriminals are spreading infected Zoom installers over the web. The download contains a legitimate application bundled with an invisible Coinminer. This malware uses the victim's CPU and GPU to mine Monero.
Bleeping Computer pointed to Zoom installers secretly bundled with useless software (Computer BILD) or Remote Access Trojans (Bladabindi) that can take photos via the webcam, remotely install more malware on the victim's device, or simply steal all the information from the computer.
These cases are not about flaws in the Zoom application itself. Rather, they are a prime example of what people can face if they don't download software from the official website. If you do decide to use Zoom, the only good way to download it is from the official website or from trusted sources like the App Store or Google Play. In general, using Zoom is not recommended, as it has already proved itself to be unsafe. A number of states and organizations have already banned the use of Zoom for security's sake.
And finally, the last story for today, which this time has nothing to do with Zoom. We'll tell you about the CovidLock ransomware. The application containing CovidLock was spotted by the DomainTools team. The Android-based app was available on the Coronavirusapp website. Officially, the purpose of the app was to provide the most relevant information on the spread of COVID through heat maps. In fact, the app was a disguise for CovidLock, malware that locks the screen of the infected device and changes its password. The screen displays a message threatening to erase all the data on the device if the victim fails to send $100 worth of BTC to a certain address within 48 hours. The criminals also warn that they monitor the victim's GPS, so if the device owner decides to go to the police, the data will be erased immediately.
While the coronavirus is a popular search query, many search results can turn out to be dangerous. DomainTools recommends searching for COVID-related information in trusted sources or on institution- or government-backed websites. DomainTools advises against tapping on links sent via email by strangers (some people receive emails luring them with coronavirus-related info that can be accessed via the link). DomainTools also reminds us not to download Android apps from sources other than Google Play.
Many say that the epidemic doesn't create social or economic problems but rather catalyzes them. Cybercriminals, imprudent people, and vulnerable applications existed long before 2020, but the emergency has increased the variety and frequency of their collisions.
As a cryptocurrency-advocating platform, we are worried about one more thing. According to research, most people who don't use cryptocurrencies are sure that the primary use of digital money is illicit purchases. The research overturns this stereotype, but the cases mentioned in this article give cryptocurrencies a bad name again.
We should protect ourselves not only from malware and bad actors but also from misconceptions about cryptocurrencies. Digital coins are a tool, and whether that tool is used for good or evil depends on the hands that hold it.