An Android app, advertised as a coronavirus tracker, mimics the display of the Johns Hopkins Coronavirus Research Center main page but also installs spyware into the phone.1
A similar app was offered from a malicious site that mirrored live data from a legitimate website and added a banner urging viewers to download the malware. If a person was tricked into downloading the malware, the malware would lock the person's phone and present the user with a ransom demand.2