Fake coronavirus tracking apps are really malware that stalks you

The surveillance industry is exploiting fears stemming from the global health crisis.

Alfred Ng Senior Reporter / CNET News
Alfred Ng was a senior reporter for CNET News. He was raised in Brooklyn and previously worked on the New York Daily News's social media and breaking news teams.
Alfred Ng
2 min read

As people panic over the pandemic, they are clearing store shelves and turning to tracking apps -- some of which are actually malware.

Shara Tibken/CNET

The coronavirus outbreak is facilitating invasions of privacy, with apps about the pandemic being retooled to track a person's every move. 

Researchers from mobile security company Lookout discovered an Android app called "corona live 1.1," which pretends to be the real "corona live" app and uses the Johns Hopkins coronavirus tracker -- an actual and legitimate resource for tracking infection rates, death counts and recovery rates around the world. 

While people using the app thought they were keeping tabs on the pandemic, the malicious app was actually tracking them: getting access to the device's photos, videos, location and camera. The camera access would allow the attackers to take photos and record videos and audio, Lookout said. 

"This surveillance campaign highlights how in times of crisis, our innate need to seek out information can be used against us for malicious ends," Lookout said in a blog post. The security company warned against downloading apps from a third party because of the security concerns. 

Lookout's findings aren't the only case in which apps are using coronavirus anxiety to surveil people en masse. CNET sister site ZDNet reported that the Iranian government's official coronavirus tracking app raised privacy concerns after users accused it of collecting phone numbers and real-time location data. 

The coronavirus outbreak has spread at an alarming rate, forcing cities to shut down and major events to be canceled in an attempt to slow the rate of new cases. Fear over the outbreak has caused people to panic buy and spread false information. Hackers have always exploited current events, like tax season or award shows, to trick victims into cyberattacks they normally would not fall for. 

The coronavirus outbreak is no different. Security researchers have seen an uptick in hacking attempts amid the pandemic, and as in the case of the malicious apps, the attacks have gone beyond well-disguised emails. 

The pandemic has also created a path for surveillance. The Israeli government is tracking citizens using their phone location data to stop the spread of the coronavirus, and the US government is considering a similar approach.  

The Lookout researchers who found the fake coronavirus tracker app linked it to SpyMax, a low-cost commercial surveillanceware tool that people can buy online. The tool is implemented in apps and can then remotely activate cameras and microphones, as well as read call logs, text messages and locations. 

"We appreciate Lookout's work as a member of the App Defense Alliance. These apps are not available on the Google Play Store," a Google spokesperson said in a statement.  

Lookout said the spying app it discovered wasn't alone, and is tied to a larger surveillance campaign targeting people in Libya. While the campaign has had many different disguises since April 2019, its two latest spying apps are coronavirus-related, Lookout said.

Watch this: Pandemic: Here's what's changed about the coronavirus

35 things to buy if you're stuck at home thanks to coronavirus (besides toilet paper)

See all photos
The information contained in this article is for educational and informational purposes only and is not intended as health or medical advice. Always consult a physician or other qualified health provider regarding any questions you may have about a medical condition or health objectives.