Cybercriminals are misusing COVID-19 global pandemic to prey on users to steal personal information, and recently, they have developed a malicious mobile application: Coronavirus Tracker.
This malicious software-laced Coronavirus Tracker obtained from the malicious website (coronavirusapp[.]site) that tricks users into providing real-time Coronavirus outbreak.
The app takes full control of the phone and locks you out, but as this has been cracked, you can simply get rid of it by entering pin 4865083501 and unlock the phone.
This key works fine for Android versions 7.0, and above but sometimes it doesn't work; in this case, you will have to use PassFab Android Unlocker, which is a sure shot method to get rid of Covid lock Android ransomware.
Part 1: How to Remove Android Password If You Locked out of Phone by CovidLock
There is no big deal for PassFab Android Unlocker to remove any kind of password. This three-step software is easy to use even the non-tech users can use this software effectively. Moreover, PassFab Android Unlocker works smoothly on Windows and Mac and support all Android version.
Let's start to unlock the device.
First, you need to download PassFab Android Unlocker on your computer or laptop. Once downloaded, install and start the tool.
Step 1: Connect your locked phone to your PC / Laptop via USB cable.
Step 2: Choose Remove Screen Lock Feature
Step 3: Press the "Start" button to initiate the process of removing the screen lock.
Step 4: As soon as you hit the "Start" button, and click "Yes" to erase your data.
Step 5: Now you can see the progress window on your screen indicating that the removing is in progress.
Step 6: After a few minutes you will be able to the message "Screen password has been removed successfully!" You just need to press "Done" to terminate the process.
Additional Tip: How to Protect Your Android Phone from Attacks
Android 7.0 Nougat and higher offers protection against this type of attacks but they only work when you have screen password/protection enabled. I have not enabled screen loc you are vulnerable to this kind of attack, so we are here to offer some tips to protect users from these attacks.
- Always make sure only to use trusted information sources: do not open websites / Email that contains malware and make sure the site has valid certificates installed (HTTPS instead of HTTP)
- Ensure that you have downloaded Android Applications only from Google Play Store. Third-party stores are not secure and secured by Play Protect, that's why there is a risk.
- Always update your software because All operating system regularly sends firmware, especially security patches.
- You can use premium Antivirus software, which offers 24x7 protection. They are capable of detecting and eliminating the threat.
- Do not open links through ads, SMS messages, emails.
These precautions as mentioned above, are somehow useful, but to take some additional step, we need to know how this application works.
he web coronavirusapp[.]site tricks you into downloading the Android Application that can detect Corona patients around us and prompt you to install it after you are finished downloading.
After installation, the application asks you to enable some permissions. These permissions are trick you to grant administrative rights to the application.
When you agree to grant permission, this application gets the complete control of your mobile and loc yourself out of the device. The application changes your phone password and demands some 250$ worth bitcoin grant you access to all of your files, data, social media account, and full access to your device, or else you will lose everything, and your phone will be erased.
Technical details of the application revealed that:
- This ransomware doesn't use the internet, XML file (the file contains mostly all information, Package name, Application permissions) of this application doesn't have any internet permission at runtime.
- The hacked device screen shows that all of your data is at risk is false; the hacker doesn't have access to your data.
- There is no encryption algorithm used but a code for hiding icons and deleting activities from the Recent List, so that is why unlocking is easy.
- The application is entirely static, and even the unlocking pin is hardcoded in the source code (So pin 4865083501 can be used to unlock the device).
- The app can be uninstalled easily; some of the Android versions requires all of the admin permission should be revoked first then proceed to uninstall the app.
All of these were obtained from application itself by decompiling the APK to Source Code.
Summary
This article guides users about a malware that locks them out of their devices and asks for money to return the access. In the first section an easy to use method is explained that can help users unlock their hacked phone with PassFab Android Unlocker. In the next section how to protect your device from Android Ransomware explains the tips and detailed guide of unlocking Android device.