Check Point Researches Discover Hackers Pushing Coronavirus Apps To Takeover Android Devices

Amid the coronavirus outbreak, it seems that hackers have been highly activated in India. Earlier it was reported how cyber attackers are attempting to breach the security system of employees of big and small organizations who are working from home.

In the latest study by Check Point, it has been identified how malicious applications are imitated as coronavirus apps which are designed to take over your Android device.

According to the research note, once the malicious application is installed, a hacker takes intrusive control of your device via a remote shell. Your smartphone's calls, SMS, calendar, files, contacts, microphone and camera can be accessed by the hackers, also, to write, add and send privileges.

The malicious applications were not found on Google Play Store but where it was discovered in new coronavirus-related domains. The report suggests that these domains are created specifically to spread this application.

The Application Can Attack Anyone In 15 Minutes

Check Point reports suggest, "The applications were crafted via Metasploit, a free-penetration testing framework that makes hacking simple. Using Metasploit, anyone with basic computer knowledge can craft the same malicious applications in just 15 minutes. It's as simple as point Metasploit at your target, pick an exploit, choose a payload to drop, and hit Enter." The Metasploit is designed to target people who are searching for coronavirus related content.

Check Point researchers were able to find three samples, created by Metasploit framework, carrying the name - coronavirus.apk. This app can be easily delivered and installed on large numbers of devices and can execute device takeover. Once executed on the Android device, the app starts a service that hides its icon to make it harder to get rid of it.

"It continues by connecting to a C&C server (Command and Control) stored in an array in the malware's code," reads the research note.

According to the reports, Check Point researchers have discovered 16 different malicious apps, all masquerading as legitimate coronavirus apps, which contained a range of malware aimed at stealing users' sensitive information.

How to Protect Yourself?

• Uninstall the infected application from the device
• Install a security solution to prevent future infections
• Update your device Operation System and Applications to the latest version

Tips to Keep Your Mobile Devices Safe

• Don't connect to public Wi-Fi networks
• Enable remote lock and data wipe for mobile devices
• Avoid answering unsolicited calls
• When you surf the web, make sure you only use websites secured with SSL
• Download applications only from the official app stores

Meanwhile, do note that the Apple iPhone users are safe and they needn't have to worry about this malicious app. The researchers haven't found any threats for iOS users. Thanks to the highly-secured operating system.