Fake COVID-19 vaccine registration SMS can trick you into installing malicious app, steal your contacts to inflict more damage

By Saurabh Singh7 days ago

Our investigation indicated that this malware campaign is currently targeting India.

This malware campaign is said to be currently targeting India. (Photo credit: @LukasStefanko)

The government of India has kicked off country’s largest vaccination drive against the novel coronavirus, but getting a slot to get vaccinated is not all that simple especially for those in the age group of 18-44. Availability of slots is subject to availability of vaccines and registrations remain choppy at best. In order to make the process wee bit more user friendly, several developers have designed notify-me websites that can tell you when slots open, though you will still need to head over to CoWIN, government’s official portal to complete the rest of the formalities. In the middle of all this, some malicious elements have also started to take advantage of the situation. Security researchers have found and brought to light a new “SMS worm” designed to trick unsuspecting people into installing malware on their Android devices under the guise of a COVID-19 vaccine registration app.

SMS Worm: what is it, how it works


First spotted by malware researcher Lukas Stefano and independently confirmed by cyber risk assessment firm Cyble, the SMS worm works by sending text messages containing a link to a website to potential victims. An executable code is downloaded on their device, should they click on the link, thereby rendering it infected. Thereon, hackers can initiate a broad range of attacks ranging from using the device for unauthorised activities to exposing personal data. Not just that, the SMS worm can also automatically send a copy of itself to every contact listed in the device repeating the chain of events without the victim’s knowledge.

Also Read | Having trouble finding slots on CoWIN? These COVID-19 vaccine appointment tracker sites can save you some time

“Our investigation indicated that this malware campaign is currently targeting India as the country struggles with the ongoing onslaught of the pandemic,” Cyble said in its report.

Continue read on financialexpress.com