Affiliate links on Android Authority may earn us a commission.Learn more.

COVID-19 contact tracing ransomware scheme exposed, be careful out there

June 20, 2025

When Google and Apple announced they would be working together to create an API for futureCOVID-19 contact tracing apps, it was big news. Predictably, malicious hackers are already capitalizing on the news by creating ransomware apps that pose as a contact tracing app.

One such example happened just recently in Canada. On the same day that Canadian Prime Minister Justin Trudeau announced avoluntary nationwide contact tracing app, hackers compiled a ransomware app known as CryCryptor. The Android app encrypts important user files on a device and gives instructions on how to undo the encryption by paying the hackers.

HUAWEI Mate 30 Pro Google Play store

Related:10 best security apps for Android that aren’t anti-virus apps

Luckily, the security research team atESETfigured out the scheme. While CryCryptor may not be too prevalent a threat at the moment, that doesn’t mean ransomware of this type won’t be a big problem. You should read on to learn about how this was done so you can avoid it happening to you.

CryCryptor ransomware: How does it work?

For CryCryptor to work properly, the hackers are depending on one major thing: the user allowing the installation of apps from outside theGoogle Play Store. If you have never done this before or are certain that your phone is set to never install outside applications, you already are safe from this particular type of ransomware.

However, for people who don’t have their phone locked down in this manner, here’s how CryCryptor works:

Two of the websites that ESET found were hosting CryCryptor have already been shut down. However, it’s only a matter of time before other hackers take the same principle behind this ransomware and bring it to other sites.

Thankfully, ESET developed a decrypting tool for CryCryptor. You can read all about thathere.

The golden rule, though, is to never download anything from outside the Play Store unless you are 100% certain it is from a legitimate source. It’s not worth the risk!

Thank you for being part of our community. Read ourComment Policybefore posting.