Biz Blocks by Michael Bacina, Partner Piper Alderman Lawyers | April 03/2020
Cybercriminals seem incapable of passing up an opportunity to made a bad situation worse, as the number of coronavirus-themed domain registrations associated with scams skyrockets.
The most common theme is a standard screen-lock attack method, packaged in an app that advertises real-time updates on the COVID-19 pandemic. Instead, the app installs ransomware which prevents user access to the phone and threatens to erase phone data if a ransom isn’t paid in Bitcoin or another digital currency.
One of the most prominent ransomware applications is “CovidLock”, which thankfully, DomainTools researchers have already reverse-engineered the decryption key for. At the time of writing, only 0.00018096 BTC (about AUD$2) has been transferred to the Bitcoin wallet being used by the CovidLock scammers.
Another increasingly common scam being used is webpages giving fake wallet address QR code conversions. The webpages in question allow users to enter the addresses of their digital currency wallets. From there, the wallet address is converted into a QR code, ostensibly allowing users to more easily send and receive from that wallet. In fact, the website generates a QR code which actually directs funds to a wallet controlled by the website, rather than the user.
These scams are a timely reminder that we all need to take security seriously, particularly in difficult economic times where seemingly easy wins are even more appealing to many.
Connect with Michael on LinkedIn