Cyber attackers using Coronavirus map to steal sensitive data
The malicious software which was first discovered in 2016 steals browsing history, cookies, ID/passwords, cryptocurrency, and other sensitive information from the infected system which the bad actors can use for selling it on the deep web or for gaining access to bank accounts or social media.
- Country:
- India
Taking advantage of the fear and mass hysteria surrounding the novel coronavirus outbreak, cybercriminals are spreading malware disguised as a Coronavirus map, which is supposed to track the spread of the outbreak, to steal sensitive information such as user names, passwords, credit card numbers stored in the users' browser, says a new report.
Shai Alfasi, a cybersecurity researcher at Reason Labs, the threat research arm of Reason Cybersecurity identified the malware that, according to him, activates a strain of malicious information-stealing software called AZORult. The malicious software which was first discovered in 2016 steals browsing history, cookies, ID/passwords, cryptocurrency, and other sensitive information from the infected system which the bad actors can use for selling it on the deep web or for gaining access to bank accounts or social media.
Image Credit: Reason Labs
According to the report, the malware has a very good and convincing graphic user interface (GUI). When running the malware, the GUI window loads information, which pools from the web. To make sure the malware can persist and keep operating, it uses the "Task Scheduler".
Cybercriminals always take advantage of global emergencies like 2019-nCov. Recently the World Health Organization issued a coronavirus scam alert to aware the public of possible phishing scams.
"Criminals are disguising themselves as WHO to steal money or sensitive information. If you are contacted by a person or organization that appears to be from WHO, verify their authenticity before responding. Beware that criminals use email, websites, phone calls, text messages, and even fax messages for their scams," the United Nations health agency said in its alert.
What Reason Cybersecurity recommends?
As hackers continue to exploit the public fear surrounding the novel coronavirus, both individuals and businesses can stay safe by complying with basic cybersecurity measures.
- Do not open a malicious link or attachment
- Verify the source before opening an email or link
- Just ignore special offers regarding coronavirus products and safety tips
- Employees should also avoid emails that ask them to share sensitive data such as account passwords or bank information
- Businesses must ensure that they have an up-to-date and powerful endpoint antivirus
Google News