Categories: SecurityWorkspace

Scammers Use Coronavirus Map To Spread Malware

Security researchers have uncovered a malware scheme hidden behind a world map of coronavirus cases, as scammers look to take advantage of fear around the epidemic.

The scam comes to light as world coronavirus cases pass 100,000 for the first time, causing damage to global supply chains and weighing on share prices.

Last month researchers uncovered a number of email-based scams using the coronavirus as bait, but the latest malware is unusual in that it lies in wait on a website and doesn’t rely on email spam to lure potential victims.

The malware, with the filename corona.exe, hides in a website that supposedly shows updated coronavirus cases on a global map, Malwarebytes said.

Image credit: Malwarebytes

Payment cards swiped

The corona.exe file attempts to install itself on the sytems of those visiting the site in order to steal logins and payment card information.

The malware is a variant of AzorUlt, a family of spyware that steals information and sometimes downloads additional malware, Malwarebytes said.

As a result, the company first named the malware Trojan.Corona, but later renamed it Spyware.AzorUlt.

“Unlike similar coronavirus scams we discovered last month, this threat does not rely on an email campaign,” the company said in an advisory.

Last month researchers warned of several malware campaigns specifically leveraging the fear around the worldwide coronavirus outbreak, including a campaign in Japan that included malicious Word documents allegedly containing information about coronavirus prevention.

Email scams

Malware embedded in PDFs, MP4s and Docx files also circulated online, with titles alluding to virus protection tips.

The company spotted phishing emails that supposedly came from the US US Centres for Disease Control and Prevention (CDC), while another scam directed users to a fake donation page to help support government and medical research.

“All of these threats rely on the same dangerous intersection of misinformation and panic — a classic and grotesque cybercrime tactic,” Malwarebytes said.

The company advised users not to click on links in dubious emails and not to donate to causes they have not already vetted outside their email client.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Microsoft Executive Indicates Departmental Hiring Slowdown

Amid concern at the state of the global economy, a senior Microsoft executive tells staff…

1 day ago

Shareholders Sue Twitter, Elon Musk For Stock ‘Manipulation’

Disgruntled shareholders are now suing both Twitter and Elon Musk, over volatile share price swings…

1 day ago

Google Faces Second UK Probe Over Ad Practices

UK's competition watchdog launches second investigation of Google's ad tech practices, and whether it may…

1 day ago

Elon Musk Raises His Contribution To Twitter Acquisition

But one of Elon Musk's biggest backers on the Twitter board has tendered his resignation…

2 days ago

Broadcom Confirms VMware Acquisition For $61 Billion

Entry into cloud infrastructure software for US chip firm Broadcom after it confirms reports it…

2 days ago