As COVID-19 continues to spread around the world, so does the use of risky mobile applications designed to help track the outbreak. Some of these apps already present troubling privacy implications due to their ability to track the movements of local citizens and collect information on them. But beyond that, they may also be saddled with vulnerabilities, or have been ripped off by copycats, perhaps for nefarious purposes.

Indeed, researchers from the ZeroFOX Alpha Team on Monday reported finding suspicious or even outright malicious versions of government-sanctioned COVID-19 mobile applications in Iran and Italy. Users in these countries -- both among the hardest hit by the virus -- are likely downloading these versions from untrustworthy third-party sources instead of from the official app store.

"A greater number of government-sanctioned applications causes users to be less certain of which applications are legitimate," says the blog post report. "Threat actors have taken advantage of this confusion, and have released malicious applications... to prey on users who may mistakenly download the malicious app. To prevent this and protect their citizens, it is highly important that governments ensure consistency with where applications are able to be downloaded, and even with their appearance."

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.