Hackers hiding malware in bogus map of Covid-19 spread, says cybersecurity firm
Cyber criminals are now using malware, dressed up as a map that tracks Covid-19 cases, to infect the computers of those trying to keep updated on the pandemic.
Reason Cybersecurity issued a threat analysis report about how the malware was embedded in a file, usually named Corona-virus-Map.com.exe, around 3.26MB in size.
Double-clicking the file opens a map that displays the virus’ spread, similar to one hosted by US-based Johns Hopkins University, a recognised source for visualising and tracking coronavirus cases in real-time.
Reason Cybersecurity adds that the data in the bogus map is pulled from the university, though the original map hosted by Johns Hopkins University is not infected and safe to visit.
Its cybersecurity researcher Shai Alfasi said the malware used in this scam was identified as AZORult, an information-stealing malicious software discovered back in 2016, which collects information stored in web browsers including passwords, user IDs, browsing histories, cookies and cryptocurrency keys.
He explained this data allowed cybercriminals to steal credit card numbers, login credentials and other sensitive information.
“The pandemic level dispersion of Covid-19 merits utmost caution not only offline but also online. Cyber attackers are exploiting the popularity of coronavirus-related resources on the web and many will likely fall prey to the attacks, ” he said.
Alfasi warned users to be cautious when downloading files online even if they were eager to find out about Covid-19, adding that antivirus software was needed to find and root out the malware if the computer was already infected.
Gloss