On May 1, India began its vaccination programme for people aged 18 to 44, making all of the country’s adult population eligible for COVID-19 vaccines. Although it is difficult to get slots, several app developers have created websites that provide information about when slots are available.
Hackers are now circulating a bogus SMS message that appears to sell a vaccine registration app to unsuspecting users.
Lukas Stefanko, a security researcher who discovered the malware, demonstrated how it operates on Twitter.
Hackers give users an SMS message that says, “REGISTER FOR COVID VACCINE FROM AGE 18+” and instructs them to download the “COVID-19” app. When the user clicks on the connection in the message to download the app, it asks for permission to view all of the user’s contacts and messages. The malware then sends text messages to other devices using the contacts it has retrieved from the computer.
The software was also modified with a light mode and the name was changed to ‘Vaccine Register,’ according to Stefanko. As of now, Android users are the only ones that have been affected.
The malware was also acknowledged by cybersecurity firm Cyble, which said that the fake COVID-19 vaccine registration app collects sensitive information from the user’s computer. Malware on the computer was also classified as performing activities, according to the company. It involves things like using the computer for unauthorised purposes, disclosing personal data from the device and mobile accounts, and deleting data from the device or services without permission.
Furthermore, the malware may use the billing plan to send messages without the user’s knowledge.
“We discovered a list of identical apps under different names and functionalities but replicates the same permissions and entry points from twitter with several abandoned repositories,” Cyble explained in a blog post. “These apps seem to have been made by the same person.”
Users should keep their antivirus software up to date in order to detect and avoid malware infections, according to the company. It also advised that clear passwords and two-factor authentication be used when logging in.
Furthermore, before granting access, users must check the permissions required by the app.