It didn’t take long for criminals to take advantage of Prime Minister Justin Trudeau’s announcement that Canada has approved a COVID-19 tracing app to go into action.
According to security vendor ESET, it discovered two fake websites designed to look like official Government of Canada sites were quickly created after the June 18 announcement, advertising a so-called official Android official COVID-19 tracing app allegedly endorsed by Health Canada.
“The sites use convincing domains and are lacking the typical spelling mistakes that usually make it easy for a discerning eye to spot it as a risk,” ESET said in a news release late Tuesday.
And while the app may look convincing, it contains Android ransomware named CryCyptor that encrypts files on the victim’s smartphone. Then they are told to email the attacker “to discuss recovery.”
ESET said that on Tuesday it notified the Canadian Centre for Cyber Security, the federal department that advises the public and private sectors on protecting critical infrastructure. In an interview this morning Alexis Dorais-Joncas, lead of ESET’s research and development team in Montreal, said the two sites — which were hosted in the Netherlands — were down by Tuesday afternoon. No other sites are distributing the fake app so far.
In a statement this afternoon the Canadian Centre for Cyber Security confirmed that working with “a commercial partner” the two phony sites have been taken down.
“Throughout the global COVID-19 pandemic, the Cyber Centre has worked closely with industry partners and commercial and international cyber response teams to facilitate the removal of malicious websites, including those that have spoofed Canadian Government departments and agencies,” said the statement. “These efforts have resulted in the removal of a significant number of Canadian themed fraudulent sites that were designed specifically for malicious cyber activity, such as phishing and malware delivery.
“Canadians must…
Privacy 2024 Recap – some significant decisions, slow progress for reform
The past year saw a few court decisions of note as well as halting progress toward privacy…