
Hackers taking advantage of coronavirus scare to spread malware

Security research firms have uncovered despicable acts by hackers taking advantage of the fear over the coronavirus outbreak to spread malware through emails.

According to experts from IBM X-Force Threat Intelligence, hackers have been sending spam emails to potential victims in Japan. The emails claim that the new coronavirus has infiltrated the country and urge the recipient to open an attached Microsoft Word document to learn more.

The document, however, launches a series of commands that covertly download the Emotet malware onto the victim’s computer. Once installed, the malware allows hackers to steal sensitive information or deliver more dangerous payloads such as ransomware.

“This new approach to delivering Emotet may be significantly more successful, due to the wide impact of the coronavirus and the fear of infection surrounding it,” said IBM in its report, adding that the method of attack will probably be used in the future for emails in other languages.

Hackers utilizing Emotet have previously taken advantage of events and holidays in order to spread the malware, including invites to a Greta Thunberg demonstration, or to Halloween and Christmas parties, according to Bleeping Computer. The hackers are doing it again with the coronavirus outbreak, which has killed more than 305 people and infected over 14,300 around the world.

Separately from the Emotet campaign, Kaspersky Lab reported the discovery of various malicious files disguised as documents containing information about the coronavirus. These come in the form of Word documents, PDFs, and MP4 files, with file names implying that they contain instructions on protection and detection procedures.

“The current number of infected users is not high enough to comprehensively know about the distribution methods of these files,” Kaspersky Lab told PCMag, but said that according to previous cases, the assumption was that they were spread through emails that claimed to be related to the coronavirus.

While health officials around the world race against the clock to contain and address the coronavirus outbreak, people should be wary of misinformation about the international public health emergency. Google has deployed SOS Alerts to make resources about the coronavirus easily accessible, while a dashboard launched by the Center for Systems Science and Engineering at Johns Hopkins brings together data from several official bodies in one place.

Aaron Mamiit