Fake News Uses Coronavirus To Spread Malware

Cybercriminals are using fake email messages about coronavirus Covid-19 to spread the Emotet Trojan as well as other malware, according to a report released this week by Kaspersky

In Japan  the Emotet Trojan, a particularly damaging of malware that has been devastatingly effective, attacking governments and financial institutions. 

An email discovered by IBM found that cybercriminals were sending emails under the guise of being part of a disability welfare service provider in Japan. The emails falsely claim that there are reports of coronavirus patients in the Gifu, Tottori and Osaka prefectures in Japan, urging victims to read an attached Microsoft Word document which contains the Emotet Trojan. 

The messages are particularly dangerous because they were made to look like official government emails, equipped with legitimate addresses, phone numbers and emails.  

Malicious files disguised as documents relating to the coronavirus have also been spotted by Kaspersky’s threat detection technology, exploiting people’s fears of infection to spread malware and other cyber threats. The malicious files discovered by Kaspersky’s researchers were disguised as pdf, mp4 and docx files about the coronavirus. In each case the filenames implied that they contained useful information on how to protect yourself from the coronavirus, information on how to detect it, and news updates.

In reality, the files contained various threats including Trojans and worms capable of destroying, blocking, modifying or copying and exfiltrating personal data, as well as interfering with the victims’ computing equipment or networks.

Coronavirus
Coronaviruses are a family of respiratory infections that includes both mild illnesses such as the common cold and more serious ones such as Sars and Mers. The variant in question emerged in Hubei province in central China in December 2019. It has now spread to every other province of mainland China and several other countries, including Australia, France, Japan, South Korea, Taiwan, Thailand and the US. The nature of coronaviruses and the difficulty of reporting cases accurately in some areas means the true number is probably unknown. The new coronavirus variant has now been named Covid-19 by the World Health Organisation.

Coronavirus News Used To Spread Malware
“The coronavirus, which is being widely discussed as a major news story, has already been used as bait by cyber criminals,” said Anton Ivanov, a malware analyst at Kaspersky. “So far, we have seen only 10 unique files, but as this sort of activity often happens with popular media topics then we expect that this tendency may grow. As people continue to be worried for their health, we may see more malware hidden inside fake documents about the coronavirus being spread.”

High-profile events, news stories and offline threats are almost inevitably exploited by cyber criminals to spread malicious files or run scams on victims and often play on justified concerns. Already in 2020, criminal gangs have exploited the Travelex ransomware attack to conduct telephone scams. As always, users can take a number of simple steps to avoid falling victim to malicious files masquerading as legitimate content. 

Recipients should avoid clicking on unsolicited, suspicious links sent to them that claim to be exclusive content, rather than going direct to official sources for accurate and trustworthy information on the coronavirus. It is also advisableto look closely at the three letter file extension as legitimate documents and video files will rarely if ever be in .exe or .lnk formats.

Elsewhere in the industry, the coronavirus outbreak has also begun to affect the IT supply chain. In its most recent quarterly results announcement this week, Apple said it was working on contingency and mitigation plans to protect production facilities in Chinas.

Computer Weekly:        TechRepublic:        BankInfoSecurity

You Might Also Read: 

Email Malware Targeting US Senators & Military:

 


 

 

« Big Cyber Attack Hits Iran
Spies Really Like Artificial Intelligence »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

WEBINAR: 2024 and Beyond: Top Six Cloud Security Trends

WEBINAR: 2024 and Beyond: Top Six Cloud Security Trends

April 4, 2024 | 11:00 AM PT: Join this webinar to find out about six emerging trends dominating the cloud cybersecurity landscape.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Mellanox Technologies

Mellanox Technologies

Mellanox Technologies is a leading supplier of end-to-end Ethernet and InfiniBand intelligent interconnect solutions and services for servers, storage, and hyper-converged infrastructure.

British Insurance Brokers’ Association (BIBA)

British Insurance Brokers’ Association (BIBA)

BIBA is the UK’s leading general insurance intermediary organisation. Use the ‘Find Insurance‘ section of the BIBA website to find providers of cyber risk insurance in the UK.

Secure Source

Secure Source

Secure Source specialise in search and recruitment for Cyber Security and Security Cleared markets.

Basis Technology

Basis Technology

Basis Technology provides software solutions for text analytics, information retrieval, digital forensics, and identity resolution.

PureCyber

PureCyber

PureCyber (formerly Wolfberry Cyber) is an award-winning cyber security consultancy whose goal it is to make cyber security accessible, understandable, and affordable for any organisation.

Joint Accreditation System of Australia and New Zealand (JASANZ)

Joint Accreditation System of Australia and New Zealand (JASANZ)

JASANZ is the joint national accreditation body for Australia and New Zealand. The directory of members provides details of organisations offering certification services for ISO 27001.

Naoris

Naoris

Naoris is the world’s first holistic blockchain-based cybersecurity ecosystem, bringing a game-changing solution to address 35 years of industry similar practice.

RiskXchange

RiskXchange

RiskXchange's cybersecurity risk rating solution helps businesses solve complex cybersecurity and compliance challenges by providing a 360-degree view of your cybersecurity posture.

Cyber Polygon

Cyber Polygon

Cyber Polygon is an annual online exercise which connects various global organisations to train their competencies and exchange best practices.

ProcessUnity

ProcessUnity

ProcessUnity is a leading provider of Third-Party Risk Management software, helping companies remediate risks posed by third-party service providers.

Informatics International

Informatics International

Informatics is a leading ICT provider in Sri Lanka, providing cutting-edge software & infrastructure solutions and services including cyber security.

Packetlabs

Packetlabs

Packetlabs specializes in penetration testing services and application security.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cyberguardians

Cyberguardians

Cyberguardians is a team of experienced cybersecurity experts and consultants who always believe in the value and a high level of cybersecurity services to clients.

CloudWave

CloudWave

CloudWave, the expert in healthcare data security, provides cloud, cybersecurity, and managed services to healthcare organizations.

X-Analytics

X-Analytics

X-Analytics is a cyber risk analytics application to create a better way for organizations to understand and manage cyber risk.