Hackers Using CoronaVirus Outbreak to Inject Malicious Malware into Your Computer

As the Coronavirus COVID-19 declared a pandemic by the World Health Organization, creating chaos and panic around the world. Cyber-criminals are also becoming the active actors and exploiting people’s curiosities and panic-filled responses with malicious emails and websites to infect their computers and steal sensitive data including passwords and credit card numbers.

Many organizations are taking precautionary steps and have made dashboards to keep track of COVID-19. Cyber criminals also found their way to use these dashboards and inject malware into computers.

One of the renowned security research centers, found that hackers designing websites related to coronavirus awareness in order to prompt you to download an application for keeping you updated on the situation. These applications do not need any installation to run and shows you a map of how COVID-19 is spreading while at backend it works to steal private information, credentials and info stored in your browser. However, it is a front for hackers to generate a malicious binary file and install it on your computer.

These malicious websites act as legitimate maps for tracking coronavirus but have a different URL or different details from the original source. Hackers gaining advantages of social engineering techniques to let people access these websites out of fear. These types of websites have been found to infect only Windows machines, but it is expected to be working on other Operating Systems.

It has been noted that hackers used a malicious software known as AZORult, which was first found in 2016. The researchers found that AZORult can steal info including browsing history, cookies, ID/passwords and cryptocurrency also it can download additional malware onto compromised machines. Recently its new variant installs an admin account that is kept secret on your machine to generate an attack. Hackers made the whole scenario so insidious that it almost mimics communications from expert sources namely the World Health Organization, the Centers for Disease Control and Prevention and Johns Hopkins University.

Common Threats

Fake Map

Fake MapThe fake map exploit reported when one of the renowned research universities, Johns Hopkins’ popular COVID-19 dashboard been replicated. It has been serving people to provide an updated information of the virus spread.

A malicious website named as “Corona-Virus-Map.com” claims to illustrate an up-to-date coronavirus tracking map just like the one at Johns Hopkins. It uses the same graphics and user interface to trick people and embed a severe trojan named as “corona.exe” a variant of AZORult. The executable has been distributed through malicious ads, email attachments and social engineering to steal information.


PhishingPhishing scams have always been pervasive cyber-attacks for hackers. In the current situation when every person wants to be updated about the spread and severity of the virus, creating an ideal environment for hackers. Phishing attacks are successful when a person gets an email which contains a virus as a lure in the subject line.

The email tries to inform about the virus and claimed to be from the World Health Organization or the Centers for Disease Control and Prevention. They also offer a chart that updates how many people have been cured or died. By clicking these links, target machine gets injected with the remote access trojans. It also downloads ransomware that will lock your computers and demand payment for the decryption key.

How to Prevent These Attacks

It is recommended that people should not click on the unknown links and use only verified dashboards to get information about the virus spread. Moreover, some useful tips to avoid these scenarios are:

  • Enable Two Factor Authentication
  • Verify the URL before typing it or clicking a link
  • Do not enter your personal information
  • Check out for spelling and grammatical errors
  • If you revealed your passwords mistakenly, change it as soon as possible
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Top 5 Techniques Hackers Use to hack Social Media Accounts

These days, Social Media have become a significant need in our everyday life. It encourages us to associate and connect with anyone over the...

5 Top Programming Languages for Hacking

We live in the 21st century, which is very fast-changing. This is a century of competition for information and computing resources. Every year the...

OSINT Tutorial to Track An Aircraft And Flight Information In Real-Time

No doubt Internet is said to be the world's largest repository of data and information. It contains an enormous amount of data related to...

Preventing SQL Injection in PHP Applications

SQL injection is one of the most common cybersecurity threats and as the name suggests, it is a form of injection attack. Injection attacks, on...