Home / Security / Security: Criminal Hackers Use Official-Looking Coronavirus Forms to Spread Malware, Steal Passwords

Security: Criminal Hackers Use Official-Looking Coronavirus Forms to Spread Malware, Steal Passwords

Security:

Security: The Coronavirus (COVID-19) pandemic has spread to many countries across the world, claiming over 40,000 lives and infecting hundreds of thousands more.

The Coronavirus (COVID-19) pandemic has spread to many countries across the world, claiming over 40,000 lives and infecting hundreds of thousands more.
Photo: Francois Nel (Getty

Security experts are tracking a range of new threats incidentally linked to the coronavirus that’s killed no fewer than 44,216 people worldwide. Where most see despair, some cyber criminals see opportunity.

Online, criminals are working to take advantage of the shocking changes to daily life thrust onto entire populations now forced to work from home—or sitting there idly nursing an insatiable craving for new information about the illness and its impact.

Dallas-area security firm Securonix said Tuesday its researchers were following malicious hackers working a number of coronavirus-related angles, including the use of weaponized covid-19 related documents in attacks on critical healthcare operations. It’s also seen a rise in attempts to capture security credentials from the world’s now-remotely employed workforce.

Researchers have seen crypto-ransomware disguised as a covid-19 “situation report” being widely circulated by email. After the coronavirus-themed document is opened, the user is presented with a demand for 0.35 Bitcoin ($2,270, at the time of writing) to unlock their files.

Security: Illustration for article titled Criminals Use Official-Looking Coronavirus Forms to Spread Malware, Steal Passwords

Screenshot: Securonix Threat Research Team

A variety of emails are pushing infected documents harboring malware used to steal user credentials, web browser cookies, cryptocurrency wallets, and other sensitive data. According to Securonix, the body of one such email claims the recipient may have been in contact with an infected person.

It reads:

“You recently came into contact with a colleague/friend/family member who has COVID-19 at Taber AB, please print attached form that has your information prefilled and proceed to the nearest emergency clinic.”

In another example, attackers shared a link to a malicious covid-19 live map that mimics an actual interactive dashboard displaying global coronavirus infections produced by the Center for Systems Science and Engineering at Johns Hopkins University, as was also reported last month by security reporter Brian Krebs.

Security: Illustration for article titled Criminals Use Official-Looking Coronavirus Forms to Spread Malware, Steal Passwords

Screenshot: Securonix Threat Research Team

The map is part of a “digital Coronavirus infection kit” that was selling for $200 on a Russian language cybercrime forum, according to Krebs.

The rise in coronavirus-related attacks began in earnest around the beginning of last month. Forbes reported on March 12 a range of malicious domains had been quickly established and that phishing attempts referencing “COVID-19” were growing.

Security firm Recorded Future warned that cyber criminals frequently adopt trusted branding when trying to lure victims to open malicious links in files, including the World Health Organization and the U.S. Centers for Disease Control and Prevention.

Users are advised to take increased precautions when handling any links or emails related to the virus. You can find a list of best sources for information about covid-1

Read More

About admin

Check Also

Security: June 2020 security patch rolling out to Pixel phones

Security: June 2020 security patch rolling out to Pixel phones

The beginning of the month means Google's Pixel phones will be seeing a new update, and June is no exception. Starting today, Google began rolling out the latest security patch for its Pixel devices. As with every security patch, this one comes with general bug and vulnerability fixes to ensure your phone is as safe…

Leave a Reply

Your email address will not be published. Required fields are marked *