BUSINESS TECHNOLOGY MEDIA COMPANY
Companies
Sectors
Malware

Beware of coronavirus malware

Read time 1min 50sec

While governments across the globe are trying to control the spread of the coronavirus that has claimed nearly 1 900 lives, bad actors are jumping on the bandwagon and using the outbreak for nefarious purposes.

Check Point’s Global Threat Index for January 2020 reveals that attackers are exploiting interest in the pandemic to spread malware, and several spam campaigns relating to the outbreak of the virus have reared their head.

In January and February the most prominent coronavirus-themed campaign targeted Japan, distributing Emotet in malicious e-mail attachments pretending to be sent by a Japanese disability welfare service provider, says Check Point.

“The e-mails appeared to be reporting where the infection is spreading in several Japanese cities, encouraging the victim to open the document for more information. When the document was opened, Emotet was downloaded onto the victim’s computer.”

Emotet is a complex, self-propagating and modular Trojan which was originally designed to target banking activity, but has recently been used as a distributor of other malware or malicious campaigns. It employs a slew of methods to maintain persistence and evasion techniques to avoid detection, and can spread through phishing spam e-mails containing malicious attachments or links.

Since the Coronavirus outbreak, Check Point has also observed a noticeable number of new Web sites registered with domain names related to the virus.

Many of these domains will most likely be used for phishing attempts. Check Point has already protected online users from many sites known to be related to malicious activities that lure the victims with discussions around the virus, as well as from scam sites that claim to sell face masks, vaccines, and home tests that can detect the virus.

“An example of such a Web site is vaccinecovid-19\.com. It was first created on February 11, 2020 and registered in Russia," the compoany says. "The Web site is insecure and offers to sell “the best and fastest test for Coronavirus detection at the cost of about US$300.” 

See also