'Get Corona Safety Mask' Scam

The 'Get Corona Safety Mask' scam is a scheme that distributes worms for Android Trojans under the disguise of a Coronavirus mask-purchasing application. The program can harvest contact lists for finding more victims and messages users after infecting the device automatically. Users should remove the 'Get Corona Safety Mask' scam's worm with suitable anti-malware tools before it causes any additional harm, and notify their contacts of the danger when appropriate.

Downloading Plague Protection can Come with a Different Infection

With threat actors jumping on the opportunities presented by the worldwide threat of COVID-19, AKA Coronavirus, it's a highly appropriate time for examining the social engineering techniques that these criminals abuse. Turning the disease into a general software theme (a la CoronaVirus Ransomware or CovidLock Ransomware) is one method. A more threatening option is using it as an exploit for installation, like the 'COVID-19 CONTACT' Email Virus, the COVID-19 WordPress Malware, and the 'Get Corona Safety Mask' scam. The 'Get Corona Safety Mask' scam uses desperation over inadequate N-95 mask production for delivering victims a worm.

The 'Get Corona Safety Mask' Scam's worm is an Android program that reproduces through collecting contacts (with additional filtering options, if the list is over one hundred entries) and spamming them with self-promotional SMS messages. The message, claiming that it offers purchasing options for anti-Coronavirus masks, links to the download of the threatening application. Malware experts are stressing the permissions that this application requests as being notable warning signs of the program being threatening.

The 'Get Corona Safety Mask' scam's centerpiece software, while functional, also is incomplete. Its other features limit themselves to redirecting users towards the threat actor's website, a fake mask-purchasing domain that also is in mid-construction. Estimates lean towards the criminals turning the site into a credit card-collecting 'payment portal' for nonexistent mask deliveries currently.

The Proper Protective Wear for Your Phone

As the 'Get Corona Safety Mask' scam targets Android users, smartphones are at far higher risk of harm than desktop systems – although similar tactics are extant on most OSes. Victims should inform their contacts of the risk and contact their credit card companies in cases of any website 'mask purchases.' Preemptive protection steps can include disabling scripts in your browser, using blacklists for known corrupted domains or IPs, and using anti-malware services with corrupted website-blocking features.

Although the 'Get Corona Safety Mask' scam's overarching goals aren't fully known quantities, the circumstantial evidence surrounding its attacks implies for-profit aims. Besides the collection of credit card data, users also might struggle against such issues as having their infected phones recruited into a botnet for activities like DDoSing or mining a cryptocurrency. The 'Get Corona Safety Mask' scam's worm should be presumed active until its uninstallation, and users should disable any network connections in the meantime entirely.

Reputable anti-malware services should identify the 'Get Corona Safety Mask' scam's worm and delete it if users don't refuse the installation during the permissions requests phase. While users should prioritize immediate disinfection, doing so doesn't reverse all the after effects involved in the worm's gaining access to contacts and other information.

The 'Get Corona Safety Mask' scam is a case of a tragedy giving birth to another one, with no end in sight. As humans suffer and make rash decisions, there always will be those who take advantage – predators in the humble landscape of your phone's operating system.