Malware threat in Aarogya Setu clone

The cloned Aarogya Setu app has been found to contain malware named SpyNote.
Fake apps that mimic the Government of India’s Aarogya Setu app and the Covid tracing app put up by the Chhattisgarh government have been released and introduce malware into smartphones, according to an American cyber security firm.

The apps, once installed on a device, are designed to download and install malware to monitor infected devices, and to steal banking credentials and personal data, according to Anomali, the cyber security firm.

In a release, the company said it had identified 12 Covid contact tracing apps worldwide that had been cloned with malware. Among these are the tracing apps of Singapore, Russia, Indonesia, Iran, Kyrgyzstan and Brazil.

Anomali “believes that the fake apps are likely being distributed through other apps, third-party stores, and websites, among others.”

The Straits Times of Singapore today quoted SingCert, a unit of the Cyber Security Agency of Singapore, as saying: “These fake applications are usually embedded with trojans or malware that, when executed, could be used to monitor users’ activities on the device and/or steal their personal data.”

The newspaper said that the fake apps have the same branding as the TraceTogether app, but contain malicious software designed to steal sensitive information such as passwords and banking details.

“Look through the application’s reviews and be wary of poorly reviewed applications. Multiple poor reviews or comments may be an indication of issues with the application,” SingCert was quoted as saying.

Users who have downloaded applications from unofficial sources should delete these apps and run an antivirus scan on their devices. In cases where users cannot delete the app after it has been installed, they may have to perform a factory reset on their device.