EXECUTIVE SUMMARY:

Over the past month, many articles have been published recommending that we keep our mobile phones clean to reduce the risk of coronavirus infection.  While there’s still some debate over whether it’s necessary to clean your phone case and screen to get rid of possible germs, it’s a good idea to watch out for internal infections that your phone could pick up.  Skilled threat actors are exploiting peoples’ concerns about coronavirus to spread mobile malware, including Mobile Remote Access Trojans (MRATs), Banker Trojans, and Premium Dialers, via apps which claim to offer coronavirus-related information and help for users.

Check Point’s researchers discovered 16 different malicious apps, all masquerading as legitimate coronavirus apps, which contained a range of malware aimed at stealing users’ sensitive information or generating fraudulent revenues from premium-rate services.

It’s important to note that none of the malicious apps were available on an official app store. They were offered from new coronavirus-related domains, which researchers believe had been created specifically with the aim of deceiving users. More than 30,103 new coronavirus-related domains were registered in the past few weeks, of which 0.4% (131) were malicious and 9% (2,777) were suspicious and under investigation. Over 51,000 of coronavirus-related domains in total have been registered since January 2020.

How to protect yourself?

It is important that users only download apps from legitimate app stores such as Google Play and Apple’s AppStore.

If you suspect you may have one of these infected apps on your device, here’s what you should do:

• Uninstall the infected application from the device
• Update your device Operation System and Applications to the latest version
• For your personal device, we recommend using a mobile-specific security solution such as ZoneAlarm Mobile Security to check that all the apps on your phone are legitimate and not malicious.

For more info on this topic, click here.