CovidLock: Mobile Coronavirus Tracking App Coughs Up Ransomware

DomainTools researchers identified a malicious Android application called "CovidLock" distributed from coronavirusapp.site that poses as a COVID-19 tracker; the app installs ransomware that changes the device unlock password (screen-lock attack), demands $100 in bitcoin, and threatens data deletion and public leaking of social accounts. DomainTools reversed the decryption keys, is monitoring the Bitcoin wallet, and recommends obtaining information from trusted sources, installing apps only from Google Play, and ensuring devices have a screen lock enabled.