Fake News Uses Coronavirus To Spread Malware

Uploaded on 2020-02-10 in TECHNOLOGY-Hackers, FREE TO VIEW

Cybercriminals are using fake email messages about coronavirus Covid-19 to spread the Emotet Trojan as well as other malware, according to a report released this week by Kaspersky

In Japan  the Emotet Trojan, a particularly damaging of malware that has been devastatingly effective, attacking governments and financial institutions. 

An email discovered by IBM found that cybercriminals were sending emails under the guise of being part of a disability welfare service provider in Japan. The emails falsely claim that there are reports of coronavirus patients in the Gifu, Tottori and Osaka prefectures in Japan, urging victims to read an attached Microsoft Word document which contains the Emotet Trojan. 

The messages are particularly dangerous because they were made to look like official government emails, equipped with legitimate addresses, phone numbers and emails.  

Malicious files disguised as documents relating to the coronavirus have also been spotted by Kaspersky’s threat detection technology, exploiting people’s fears of infection to spread malware and other cyber threats. The malicious files discovered by Kaspersky’s researchers were disguised as pdf, mp4 and docx files about the coronavirus. In each case the filenames implied that they contained useful information on how to protect yourself from the coronavirus, information on how to detect it, and news updates.

In reality, the files contained various threats including Trojans and worms capable of destroying, blocking, modifying or copying and exfiltrating personal data, as well as interfering with the victims’ computing equipment or networks.

Coronavirus
Coronaviruses are a family of respiratory infections that includes both mild illnesses such as the common cold and more serious ones such as Sars and Mers. The variant in question emerged in Hubei province in central China in December 2019. It has now spread to every other province of mainland China and several other countries, including Australia, France, Japan, South Korea, Taiwan, Thailand and the US. The nature of coronaviruses and the difficulty of reporting cases accurately in some areas means the true number is probably unknown. The new coronavirus variant has now been named Covid-19 by the World Health Organisation.

Coronavirus News Used To Spread Malware
“The coronavirus, which is being widely discussed as a major news story, has already been used as bait by cyber criminals,” said Anton Ivanov, a malware analyst at Kaspersky. “So far, we have seen only 10 unique files, but as this sort of activity often happens with popular media topics then we expect that this tendency may grow. As people continue to be worried for their health, we may see more malware hidden inside fake documents about the coronavirus being spread.”

High-profile events, news stories and offline threats are almost inevitably exploited by cyber criminals to spread malicious files or run scams on victims and often play on justified concerns. Already in 2020, criminal gangs have exploited the Travelex ransomware attack to conduct telephone scams. As always, users can take a number of simple steps to avoid falling victim to malicious files masquerading as legitimate content. 

Recipients should avoid clicking on unsolicited, suspicious links sent to them that claim to be exclusive content, rather than going direct to official sources for accurate and trustworthy information on the coronavirus. It is also advisableto look closely at the three letter file extension as legitimate documents and video files will rarely if ever be in .exe or .lnk formats.

Elsewhere in the industry, the coronavirus outbreak has also begun to affect the IT supply chain. In its most recent quarterly results announcement this week, Apple said it was working on contingency and mitigation plans to protect production facilities in Chinas.

Computer Weekly:        TechRepublic:        BankInfoSecurity

You Might Also Read: 

Email Malware Targeting US Senators & Military:

 


 

 

« Big Cyber Attack Hits Iran
Spies Really Like Artificial Intelligence »

Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 5,000+ specialist service providers.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

infineon - IoT Security

infineon - IoT Security

Infineon is a leader in semiconductor solutions for a huge range of applications including automation, smart systems and security for the Internet of Things.

Iranian Cyber Police

Iranian Cyber Police

Cyber police of Islamic Republic of Iran was established in 2011 based on internal and international standards in order to prevent, investigate and combat cybercrime.

Exostar

Exostar

Exostar is the cloud platform of choice for secure enterprise and supply chain collaboration solutions and identity and access management expertise.

CyberInsureOne

CyberInsureOne

At CyberInsureOne, we break down the complex world of cyber insurance, and connect you with providers that can give you and your company peace of mind.

Cybersec Infohub

Cybersec Infohub

Cybersec Infohub is a Hong Kong government programme to enhance the exchange of cyber security information with industry and enterprises to jointly defend against cyber attacks.

Mphasis

Mphasis

Mphasis is a leading applied technology services company applying next-generation technology to help enterprises transform businesses globally.

Fortiphyd Logic

Fortiphyd Logic

Fortiphyd Logic equips operators of the power grid, oil & gas, and other critical infrastructure with the tools and training they need to defend their industrial networks from advanced cyberattacks.

Sygnia

Sygnia

Sygnia is a cyber technology and services company, providing high-end consulting and incident response support for organizations worldwide.