Hackers taking advantage of coronavirus scare to spread malware

Security research firms have uncovered despicable acts by hackers taking advantage of the fear over the coronavirus outbreak to spread malware through emails.

According to experts from IBM X-Force Threat Intelligence, hackers have been sending spam emails to potential victims in Japan. The emails claim that the new coronavirus has infiltrated the country, and urge the receiver to open an attached Microsoft Word document to learn more.

The document, however, will launch a series of commands that covertly download the Emotet malware onto the victim’s computer. Once installed, the malware will allow hackers to steal sensitive information or deliver more dangerous payloads such as ransomware.

“This new approach to delivering Emotet may be significantly more successful, due to the wide impact of the coronavirus and the fear of infection surrounding it,” said IBM in its report, adding that the method of attack will probably be used in the future for emails in other languages.

Hackers utilizing Emotet have previously taken advantage of events and holidays in order to spread the malware, including invites to a Greta Thunberg demonstration, or to Halloween and Christmas parties, according to Bleeping Computer. The hackers are doing it again with the coronavirus outbreak, which has killed more than 305 people and infected over 14,300 around the world.

In addition to Emotet malware, Kaspersky Lab also reported the discovery of various malicious files disguised as documents containing information about the coronavirus. These come in the form of Word documents, PDFs, and MP4 files, with file names that imply that they contain instructions on protection and detection procedures.

“The current number of infected users is not high enough to comprehensively know about the distribution methods of these files,” Kaspersky Lab told PCMag, but said that according to previous cases, the assumption was that they were spread through emails that claimed to be related to the coronavirus.

While health officials around the world race against the clock to contain and address the coronavirus outbreak, people should be wary of misinformation about the international public health emergency. Google has deployed SOS Alerts to make resources about the coronavirus easily accessible, while a dashboard launched by the Center for Systems Science and Engineering at Johns Hopkins brings together data from several official bodies in one place.

Aaron Mamiit