The government of India recently initiated the liberalised and accelerated Phase 3 strategy of COVID-19 vaccination inoculation in India. Under the third phase, people between the age of 18 to 44 years can get vaccinated by registering themselves on the CoWIN platform and then setting up an inoculation appointment. Trying to take advantage of this scammers are now circulating a fake SMS message that falsely claims to offer an app to let users register for the COVID-19 vaccine in India. Also Read - Unable to find COVID-19 vaccine slot? These trackers alert when vaccine slot is available near you.
The SMS instead of providing a legitimate way to register for the vaccination aims to download a malware on to the receivers smartphones. The malicious app was initially named COVID-19 and since then has been renamed to Vaccine Register. The attackers are having a lot of success convincing users as a large number of users have been facing issues while registering for the COVID-19 vaccine through the official CoWIN portal. Also Read - Facebook vaccine finder tool rolling out in India to help locate COVID-19 centres
Lukas Stefanko, a malware researcher at the cybersecurity firm ESET recently tweeted a warning about the SMS asking users to not fall victim of the attack. He states that the SMS is targeted at Indian users designed to impersonate COVID-19 vaccine free registration during the ongoing wave. Also Read - You can now find nearest COVID-19 vaccine center via WhatsApp: Here’s how
We recommend all our readers avoid any such SMSes, which contain links to download apps. It is recommended that users download trusted apps only using the official Google Play Store.
Take note, the government is currently accepting registrations for COVID-19 vaccines under phase 3 via the CoWIN portal, Aarogya Setu app and UMANG app.
The SMS instead of providing a legitimate way to register for the vaccination aims to download a malware on to the receivers smartphones. The malicious app was initially named COVID-19 and since then has been renamed to Vaccine Register. The attackers are having a lot of success convincing users as a large number of users have been facing issues while registering for the COVID-19 vaccine through the official CoWIN portal. Also Read - Facebook vaccine finder tool rolling out in India to help locate COVID-19 centres
Lukas Stefanko, a malware researcher at the cybersecurity firm ESET recently tweeted a warning about the SMS asking users to not fall victim of the attack. He states that the SMS is targeted at Indian users designed to impersonate COVID-19 vaccine free registration during the ongoing wave. Also Read - You can now find nearest COVID-19 vaccine center via WhatsApp: Here’s how
SMS worm impersonates Covid-19 vaccine free registration
— Lukas Stefanko (@LukasStefanko) April 29, 2021
Android SMS worm tries to spread via text messages as fake free registration for Covid-19 vaccine - targets India 🇮🇳
It can spread itself via SMS to victim contacts with link to download this malware. https://t.co/EXAAGARqOP pic.twitter.com/HX957bPVu5
Stefanko has explained that the SMS carries a link that installs a worm app, which then spreads itself via SMS to victims’ contacts. Apart from spreading, the worm also gains unnecessary permissions, which would allow the attackers to leverage to acquire user data.
We recommend all our readers avoid any such SMSes, which contain links to download apps. It is recommended that users download trusted apps only using the official Google Play Store.
Take note, the government is currently accepting registrations for COVID-19 vaccines under phase 3 via the CoWIN portal, Aarogya Setu app and UMANG app.
Comments
Post a Comment