CovidLock

CovidLock

CovidLock is a new Android malware threat that prays on peoples panic surrounding the current COVID-19 (Coronavirus) worldwide pandemic. CovidLock is a screen-locker Ransomware virus that targets Android devices, locking their screens and demanding a ransom in exchange for unlocking them.

CovidLock

With the recent worldwide spread of the new coronavirus (COVID-19) and the declared pandemic, the whole world is in panic, whilst trying to mitigate the consequences of this health hazard. However, there are always those who seek to profit from other peoples fear and panic and the case with the newly-reported CovidLockvirus is no different. This is a recently developed Ransomware that attacks Android smartphones and tablets. Below, we will tell you about how this virus spreads, how it works, and what the methods to fight it are.

CovidLock Ransomware

The CovidLock Ransomware spreads under the disguise of a tracker app for the Coronavirus. Praying on the panic instilled in the worldwide population, the hackers behind this Ransomware have found a way to capitalize on that by disguising their virus as an Android app that can supposedly track the spread of the virus and even notify the user if there are infected people nearby (less gullible users would immediately recognize the ridiculousness of this last statement about this fake tracker).

Once the user downloads and installs the Coronavirus Tracker, the fake app asks for a number of permissions from the user. Firstly, it asks the user to allow battery optimization for the app. This is to prevent the phone from automatically stopping the Ransomwares processes if the battery gets too low. The next thing required by the Ransomware in disguise is access to the Accessibility feature, which would further ensure that the virus stays active at all times, keeping the device locked. Lastly, the Ransomware tells the user it needs to be granted Administrator privileges. More experienced users would immediately recognize that theres something shady about an app that requires Admin privileges, but this is where the Coronavirus Tracker (CovidLock) tells the user that it needs these privileges in order to show notifications whenever a person infected with the real-life COVID-19 virus is nearby. This statement is obviously made by the Ransomware in order to convince the user to provide the needed permissions, but less naive users should immediately realize that this is nothing but a shameless scam and delete the malware app right away.

The lockdown

As soon as the user taps on the Scan Area For Coronavirus option after giving the malware app Admin rights, the devices screen gets blocked by a scary message, where the creators of the malware claim that the victim must pay 250$ in BitCoin to them or else all of the photos and videos kept on the infected smartphone would get sent to the users contacts. Before we get any further, we need to mention that if you are a victim of this Ransomware and currently have this scary message on the screen of your phone, you should know that none of the threats stated in there are true. The hacker doesnt have access to your phone and they cannot do anything to your files. The only real problem here is the fact that you wont be able to use your phone until you acquire the access key that can unlock the device. However, to get that key, theres no need to pay the required ransom – in the next paragraph, we will tell you exactly how you can deal with this malicious app on your own.
Covidlock 2
Covidlock 3

Unlocking your phone and removing CovidLock

Security researchers have examined the CovidLock viruscode and have determined that it is actually a rather simply screen-locking Ransomware that doesnt use encryption and the code to unlock it is always the same – 4865083501. If you have had the CovidLock virus attack your device, use this code to unlock it. Now your phone will be usable again but do not forget that the malware app is still in the device. To remove it, go to Settings > Apps (the list of installed apps) and find the Coronavirus Tracker application. Tap on the app and then select the Uninstall option. If you arent allowed to do that because the app has Admin rights, you may need to first open the Coronavirus Tracker again and revoke its Admin privileges, then go back to Settings > Apps and complete the uninstallation. 

blank

About the author

blank

Brandon Skies

Brandon is a researcher and content creator in the fields of cyber-security and virtual privacy. Years of experience enable him to provide readers with important information and adequate solutions for the latest software and malware problems.

Leave a Comment