Fake Apps Deliver Malware Mimicking As TraceTogether
In this Coronavirus crisis, where countries and peoples are trying to cope with it. The hackers are still dedicated to finding new ways to distribute malware.
Since many countries are easing out the lock down and normalizing the movements, the tracing apps have an important role to play.
Tracking apps like “Trace Together, ” uses the Bluetooth technology, to warn users if they recently came in contact with any infected person.
Fake Apps Mimics TraceTogether To Spread Malware
Recently, the Singapore Computer Emergency Response Team (SingCert), a unit of the Cyber Security Agency of Singapore, warns users about the fake apps mimicking Singapore’s national contact tracing app TraceTogether.
“These fake applications are usually embedded with Trojans or malware that, when executed, could be used to monitor users’ activities on the device and/or steal their personal data,” said SingCert.
The fake app uses the same brand name as the TraceTogether app. However, the malicious app acts more like a banking Trojan, that can be used to steal banking details, passwords and other information.
12 Malicious Contact Tracking apps Found
The US-based cyber security firm Anomali, said in a blogpost on Wednesday, about discovering 12 such deceptive contact tracing apps. These were designed by hackers to trick users into spreading the Trojan or banking malware. Once installed, they can steal sensitive data from the device.
Fortunately, the Good news is, SingCert has not detected any downloads of such fake apps yet.
Out of the 12 fake apps, two of them found to be mimicking TraceTogether.
The Anomali said that the fake apps are not likely to be downloaded from official platforms like Google Play Store or Apple’s App Store. Rather, they use dubious websites, third-party platforms as well as other apps to distribute those.
SingCert Warns Users To Use Only Official Sources To download Apps
- SingCert, thus advised users to only use official sources like the App store or Play store to download the apps.
- Further, they also urged to verify the developer information from their original sources, if they wish to download from any other sources.
- Lastly, users should be aware of the apps asking for unnecessary permissions to access apps and settings.
“Look through the application’s reviews, and be wary of poorly reviewed applications. Multiple poor reviews or comments may be an indication of issues with the application,” SingCert said.
How To Stay Safe
Apart from above mentioned safe practices, follow the below guild-lines to stay protected
- Users should check for applications downloaded from any unofficial sources. And if found, users should delete them. If the suspicious apps can’t be removed, then you should do a factory reset.
- Further Scan your device for any malware present on the device.
- Enable Two-factor authentication for banking apps.
- Use a reputable password manager to keep passwords secure and encrypted.
Although, it is very important to enable 2FA on your accounts, and use strong passwords. But to keep the passwords secure you should use a reputable Password Manager tool like Dashlane(Review).
To secure Your Digital Wallets download DashLane Password Manager Now.