This week the levels of panic around coronavirus have risen exponentially, with the World Health Organisation finally declaring a pandemic. Unfortunately hackers are adding to the stress by weaponising coronavirus fear to infect people’s devices with malware and steal their personal information.
The first reports of this were back in January, with emails offering coronavirus advice. Now fake coronavirus maps are being manufactured.
Fake Coronavirus Map
Organisations such as John Hopkins have created coronavirus dashboards so people can keep an eye on the infection spread and the numbers of confirmed cases. Security research firm, Reason Labs, has found that fake versions of the dashboards have been created to phish for data. According to TechRadar This can include personal information such as credit card numbers, passwords and numbers.
“The malware has a GUI that looks very good and convincing. When running the malware, the GUI window loads information, which pools from the web,” says a blog post from Reason Labs.
“The new malware activates a strain of malicious software known as AZORult. AZORult is an information stealer and was first discovered in 2016. It is used to steal browsing history, cookies, ID/passwords, cryptocurrency and more. It can also download additional malware onto infected machines. AZORult is commonly sold on Russian underground forums for the purpose of collecting sensitive data from an infected computer. There is also a variant of the AZORult that creates a new, hidden administrator account on the infected machine in order to allow Remote Desktop Protocol (RDP) connections.”
You can read the full breakdown and analysis of how Reason Security discovered the hackers over on its blog.
How To Spot A Fake Coronavirus Map
TechRadar has reported that the fake versions of these sites ask users to download an app that doesn’t need to be installed in order to trigger the malware. At the present time it has only impacted Windows devices.
Be wary of any emails you’re sent that claim to be links to or downloads of coronavirus maps or data. Don’t click on any email or downloads links in these messages.