CryCryptor has been targeting Android users mostly in Canada. It is distributed via two websites as an official COVID-19 tracing app provided by Health Canada, however this is not the case it is ransomware.
The websites have now been taken down and ESET researchers wrote a decryption tool for its victims, based on a bug in the malicious app.
There is an Android decryption app for those affected with the CryCryptor ransomware – note this may only work on certain versions of CryCrypter.
Indicators of Compromise (IoCs)