Categories: SecurityWorkspace

Scammers Use Coronavirus Map To Spread Malware

Security researchers have uncovered a malware scheme hidden behind a world map of coronavirus cases, as scammers look to take advantage of fear around the epidemic.

The scam comes to light as world coronavirus cases pass 100,000 for the first time, causing damage to global supply chains and weighing on share prices.

Last month researchers uncovered a number of email-based scams using the coronavirus as bait, but the latest malware is unusual in that it lies in wait on a website and doesn’t rely on email spam to lure potential victims.

The malware, with the filename corona.exe, hides in a website that supposedly shows updated coronavirus cases on a global map, Malwarebytes said.

Image credit: Malwarebytes

Payment cards swiped

The corona.exe file attempts to install itself on the sytems of those visiting the site in order to steal logins and payment card information.

The malware is a variant of AzorUlt, a family of spyware that steals information and sometimes downloads additional malware, Malwarebytes said.

As a result, the company first named the malware Trojan.Corona, but later renamed it Spyware.AzorUlt.

“Unlike similar coronavirus scams we discovered last month, this threat does not rely on an email campaign,” the company said in an advisory.

Last month researchers warned of several malware campaigns specifically leveraging the fear around the worldwide coronavirus outbreak, including a campaign in Japan that included malicious Word documents allegedly containing information about coronavirus prevention.

Email scams

Malware embedded in PDFs, MP4s and Docx files also circulated online, with titles alluding to virus protection tips.

The company spotted phishing emails that supposedly came from the US US Centres for Disease Control and Prevention (CDC), while another scam directed users to a fake donation page to help support government and medical research.

“All of these threats rely on the same dangerous intersection of misinformation and panic — a classic and grotesque cybercrime tactic,” Malwarebytes said.

The company advised users not to click on links in dubious emails and not to donate to causes they have not already vetted outside their email client.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Foxconn Moves Some Apple Production To Vietnam

Foxconn is reportedly moving the manufacturing of some iPads and Macbooks out of China to…

15 hours ago

Trump Administration Grants ByteDance TikTok Sale Extension

ByteDance granted seven day extension by Trump administration of TikTok sale order to new company…

16 hours ago

Amazon Web Services Restored After Outage

Amazon's cloud service on Wednesday suffered a widespread outage impacting parts of the Internet, but…

18 hours ago

Coronavirus Pandemic Impacts Full Fibre Broadband Rollout

Government finances are hurting. Delay to ambitious plan to roll out gigabit broadband to every…

20 hours ago

Bristol City Council Data Breach Revealed Names Of Disabled Children

Mass email from the council contained the names and email addresses of children with special…

2 days ago