Beware of this other virus: Coronavirus-themed malware

Here's how cybercriminals are exploiting interest in the epidemic to spread malicious activity

Beware of this other virus: Coronavirus-themed malware

While the world attempts to take control over the spread of the coronavirus – and tries to contain, eliminate and prevent it from spreading – hackers around the globe have found the coronavirus serving them well as an enabler for their activities.

Our Global Threat Index for January 2020 shows cybercriminals are exploiting interest in the global epidemic to spread malicious activity, with several spam campaigns relating to the outbreak.

Viruses can be transmitted in various forms, through saliva, touch or even through air – and malware is similar in the sense that it finds different vectors to penetrate.

READ MORE: How well can your staff detect phishing attacks?

Coronavirus ‘going viral’ online
Right after the huge global attention around the coronavirus, cybercriminals started using the interest to spread their malicious activity.

In January and February, the most prominent coronavirus-themed campaign targeted Japan, distributing Emotet in malicious email attachments pretending to be sent by a Japanese disability welfare service provider.

The emails appeared to be reporting where the infection is spreading in several Japanese cities, encouraging the victim to open the document for more information. When the document was opened, Emotet was downloaded onto the victim’s computer.

Emotet is an advanced, self-propagating and modular Trojan. It was originally a banking Trojan, but recently has been used as a distributor of other malware or malicious campaigns. It uses multiple methods to maintain persistence and evasion techniques to avoid detection. It can also spread through phishing spam emails containing malicious attachments or links.

READ MORE: 5 private PC files you don't want colleagues to see

In addition to email campaigns since the outbreak, we have observed a noticeable number of new websites registered with domain names related to the virus.

Many of these domains will probably be used for phishing attempts. Check Point has already spotted – and protects online users from – many websites known to be related to malicious activities that lure the victims to their websites with discussions around the virus, as well as from scam websites that claim to sell face masks, vaccines and home tests that can purportedly detect the virus.

An example of such a website is vaccinecovid-19\.com. It was first created on 11 February and registered in Russia. The website is insecure and offers to sell “the best and fastest test for coronavirus detection at the fantastic price of 19,000 Russian rubles (approx. US$300)”.

The website also claims to offer news and a supposed heat map of the coronavirus spread, but on closer look, one can see that it is immaturely designed, providing instructions and comments such as “a place for a beautiful subtitle” (in English translation).

How to keep staff protected from coronavirus-themed malware
Employees and organisations can avoid falling victim to these scam attempts with our recommendations for safe online behaviour:

  • Instruct employees NOT to click on promotional links in emails. Beware of ‘special’ offers, such as one that claims to be ‘an exclusive cure for coronavirus for $150’.
  • Beware of lookalike domains, spelling errors in emails/websites, and unfamiliar email senders.
  • Protect your organisation with a holistic, end-to-end cyber architecture, to prevent zero-day attacks.

Evan Dumas is Regional Director for Southeast Asia of IT security specialist Check Point Software Technologies

Free newsletter

Our daily newsletter is FREE and keeps you up-to-date with the world of HR. Please complete the form below and click on subscribe for daily newsletters from HRD Australia.

Recent articles & video

What will the workplace look like post-COVID-19?

Adapting to the new normal: Cyber security in the age of COVID-19

Manulife gives special day off to employees

Google offers staff USD1,000 to buy furniture for home offices

Most Read Articles

Federal Court doubles down on casuals double dipping

Netflix’s 'Inhuman Resources' shows dark side of human psyche

COVID-19: How can organisations beat workplace isolation?