How to Protect Yourself From Virtual Attacks That Use the Pandemic as a Cover

Discover 5 types of malware that infect smartphones through applications that use the COVID-19 theme

Due to the current situation around COVID-19, the smartphone is one of the devices that pose the most health risks, not only because it is in permanent physical contact, but also because it represents a threat to the privacy of user data.

Researchers at the security company Check Point found 16 applications that appeared to be reliable, but actually contained a number of malicious programs. The apps are designed to steal sensitive user information or generate fraudulent revenue from paid services. In addition, researchers warn of the types of mobile malware most used by cybercriminals (including MRATs, banking Trojans, and Premium dialers) and provide tips for protecting against these types of threats.

Although, in most cases, applications are downloaded directly from an official store for Android or iOS, currently, many pages related to the new Coronavirus pandemic offer the possibility of directly downloading this type of service.

Therefore, it is essential to take precautions, as cybercriminals are experts in taking advantage of the topics covered in the current news to camouflage attacks, in this case, under this Coronavirus theme.

The Five (5) Types of Mobile Malware Most Used to Infect Applications Under the Theme Covid-19

Check Point researchers clarify that none of these apps were available at any official stores, but that all malicious applications detected came from new domains related to COVID-19, designed specifically to trick users.

They offer help and information about the disease. They also point out the types of mobile malware most used by cybercriminals to infect these applications:

1. Bank Trojans :

This threat is usually presented as legitimate software, but once downloaded, it offers remote access to cybercriminals and complete control of the computer and the information the victim stores on it.

Check Point experts have detected that some applications have been infected by Cerberus, a robust Trojan that allows you to record all keystrokes (credentials included), steal authentication data on Google and any SMS received (those with double authentication factor included), and control the device remotely via TeamViewer.

2. Remote Access Trojan

Also known as MRAT (Mobile Remote Access Trojan), it is a type of computer virus that allows cybercriminals to obtain and complete control and monitoring of a mobile device on which it has been installed.

Typically, these types of threats are installed on a device for the purpose of stealing data or for surveillance activities.

3. Premium Dialers

They are malicious applications for mobile devices that subscribe to the victim to paid services without his knowing. Recently a new family of dialers has been detected that uses the COVID-19 theme in order to infect a cell phone and make calls to other numbers to subscribe to different services.

4. Vulnerability Scanning Tools

Vulnerabilities in devices and applications are one of the major weaknesses. A clear example is Metasploit (present in several applications discovered by Check Point), a very easy to use vulnerability and exploitation validation tool.

Metasploit allows anyone with basic computer skills and the right environment to create sophisticated programs to perform any type of malicious activity.

In addition, this tool stands out because any application infected with this malware keeps its icon hidden to make it more difficult to get rid of it.

5. Mobile Adware

This type of malicious program aims to display unwanted advertisements on the device's screen. One of the best known is Haddad, which was detected in applications that offered information about COVID-19 for people who speak Arabic.

When executed, the malware hides its icon to prevent its removal, at the same time that it starts distributing advertisements on the screen, regardless of whether the user is accessing the application or not.

In order not to be a victim of these types of threats, Check Point always recommends having the latest updates in the operating system and in all programs installed on the smartphone, in addition to downloading applications only from official Android or iOS stores and deleting any application at the slightest indication. that it can be malicious. Also, they have suggested having a next-generation antivirus such as endpoint security software.