If you were unfortunate enough to fall victim to the malicious Coronavirus Tracker app for Android, we’ve got some good news: You can unlock your phone without paying the Bitcoin ransom.
Researchers from security firm ESET have noticed the hackers hard-coded the ransomware key. Even better: After digging into the code, the researchers were able to extract key. To remove the malicious app, simply enter the following code: 4865083501.
#ESETresearch ALERT: #COVID19 #Android #Ransomware: If you installed malicious Coronavirus Tracker app that locked your smartphone and requested ransom, use "4865083501" code to unlock it. Key is hardcoded. @LukasStefanko Details: https://t.co/6fIm5STFIU pic.twitter.com/ojkRkGznPN
— ESET research (@ESETresearch) March 17, 2020
It remains unclear how users fell for the Coronavirus Tracker ransomware, but DomainTool, the company which first unearthed it, notes the campaign doesn’t seem to have spread widely. Still, the code should come in handy to those affected.
As we previously reported, hackers are exploiting the coronavirus pandemic to spread malware. Indeed, domains with coronavirus-related names are 50% more likely to infect your system than any other domains. Researchers further warn there’s a surge in malicious coronavirus maps and dashboards.
If you’re still looking for an app to track the spread of coronavirus, make sure to pick one from a legitimate source — we’ve got some suggestions for you.
For more information about the coronavirus, please visit the following sources:
- World Health Organization COVID-19 Q&A
- European Center for Disease Control and prevention facts on COVID-19
- Center for Disease Control COVID-19 facts