Hackers Using CoronaVirus Outbreak to Inject Malicious Malware into Your Computer

With Coronavirus COVID-19 declared a pandemic by the World Health Organization and creating chaos and panic around the world, cyber-criminals are also becoming active, exploiting people’s curiosity and panic-filled responses with malicious emails and websites to infect their computers and steal sensitive data, including passwords and credit card numbers.

Many organizations are taking precautionary steps and have built dashboards to keep track of COVID-19. Cyber-criminals have also found a way to use these dashboards to inject malware into computers.

One renowned security research center found that hackers are designing websites related to coronavirus awareness in order to prompt you to download an application that keeps you updated on the situation. These applications do not need any installation to run and show you a map of how COVID-19 is spreading, while in the background they work to steal private information, credentials and data stored in your browser. The map, however, is a front for hackers to generate a malicious binary file and install it on your computer.

These malicious websites pose as legitimate maps for tracking coronavirus but have a different URL or different details from the original source. Hackers take advantage of social engineering techniques to get people to visit these websites out of fear. These types of websites have been found to infect only Windows machines, but they are expected to work on other operating systems.

It has been noted that hackers used malicious software known as AZORult, which was first found in 2016. The researchers found that AZORult can steal information including browsing history, cookies, IDs/passwords and cryptocurrency; it can also download additional malware onto compromised machines. Recently, a new variant installs an admin account that is kept secret on your machine to launch an attack. Hackers made the whole scenario so insidious that it almost mimics communications from expert sources, namely the World Health Organization, the Centers for Disease Control and Prevention and Johns Hopkins University.

Common Threats

Fake Map

The fake map exploit was reported when the popular COVID-19 dashboard of Johns Hopkins, one of the renowned research universities, was replicated. The original dashboard serves to provide people with up-to-date information on the spread of the virus.

A malicious website named “Corona-Virus-Map.com” claims to show an up-to-date coronavirus tracking map just like the one at Johns Hopkins. It uses the same graphics and user interface to trick people and embeds a severe trojan named “corona.exe”, a variant of AZORult. The executable has been distributed through malicious ads, email attachments and social engineering to steal information.

Phishing

Phishing scams have always been a pervasive form of cyber-attack for hackers. The current situation, in which every person wants to stay updated about the spread and severity of the virus, creates an ideal environment for them. Phishing attacks succeed when a person receives an email that uses the virus as a lure in the subject line.

The email offers information about the virus and claims to be from the World Health Organization or the Centers for Disease Control and Prevention. These emails also offer a chart that updates how many people have been cured or have died. When someone clicks these links, the target machine is infected with remote access trojans. It also downloads ransomware that will lock your computer and demand payment for the decryption key.

How to Prevent These Attacks

It is recommended that people not click on unknown links and use only verified dashboards to get information about the spread of the virus. Some further useful tips for avoiding these scenarios are:

  • Enable two-factor authentication
  • Verify the URL before typing it or clicking a link
  • Do not enter your personal information
  • Check for spelling and grammatical errors
  • If you mistakenly revealed your passwords, change them as soon as possible
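
One way to automate the "verify the URL" tip against lookalike domains such as the fake map site described above. This is an added example, not code from the original article; the allowlist, the keyword list and the function name are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: this example's allowlist of "verified" sources, taken from the
# three organizations the article says are being impersonated.
TRUSTED_DOMAINS = ("who.int", "cdc.gov", "jhu.edu")
# Assumption: outbreak-themed keywords that lure domains tend to carry.
LURE_KEYWORDS = ("corona", "covid")


def classify_link(url):
    """Return (verdict, reason); verdict is 'trusted', 'lookalike' or 'unknown'."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").rstrip(".")
    if parts.scheme not in ("http", "https") or not host:
        return "unknown", "not an http(s) link"
    # "https://who.int@203.0.113.5/" shows a trusted name before the '@',
    # but the browser connects to the host after it.
    if parts.username is not None:
        return "lookalike", "userinfo before '@' hides the real host"
    # Trusted only on an exact match or a true subdomain of an allowlisted domain.
    for domain in TRUSTED_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return "trusted", f"host belongs to {domain}"
    # Allowlisted name used as a fragment of some other, unrelated domain.
    for domain in TRUSTED_DOMAINS:
        if domain in host:
            return "lookalike", f"'{domain}' appears inside unrelated host {host}"
    # Punycode labels can render as look-alike characters in the address bar.
    if any(label.startswith("xn--") for label in host.split(".")):
        return "lookalike", "internationalized (punycode) label in host"
    for word in LURE_KEYWORDS:
        if word in host:
            return "lookalike", f"outbreak keyword '{word}' in non-allowlisted host"
    return "unknown", "host is not on the allowlist"


# Constructed sample links; only Corona-Virus-Map.com is named in the article.
SAMPLES = [
    "https://coronavirus.jhu.edu/map.html",
    "http://Corona-Virus-Map.com/",
    "https://www.cdc.gov.updates.example.net/covid",
    "https://who.int@203.0.113.5/chart",
    "https://example.org/news",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", *classify_link(url))
```

A mail gateway or proxy rule could quarantine "lookalike" links and pass "unknown" ones on to other checks, since an allowlist miss alone says nothing about intent.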
Ehacking Staff