With coronavirus wrecking havoc across the world, hackers are using the opportunity to send people fake emails laden with malware. These emails are in the guise of official notifications from public health centers, often with attachments that promise more details on preventive measures against the virus.
Multiple email campaigns have been detected by security firms like Kaspersky who are monitoring for the latest threats and all of these campaigns have used coronavirus as a hook to get unsuspecting victims to open infected messages.
The first major malware campaign was detected by IBM X-Force Threat Intelligence where victims were targeted with coronavirus infection reports in various Japanese prefectures including Gifu, Osaka and Tottori.
The emails are “disguised as official notifications from public health centers, and come with attachments that promise to provide more details on preventative measures against coronavirus infections”. The attachments are disguised as Microsoft Word docs and contain malicious payloads linked to the infamous Emotet malware family. This particular malware can harvest user credentials, browser history and sensitive documents.
Kaspersky has also discovered other malicious files disguised as documents related to coronavirus. These files were disguised as pdf, mp4 or docx files, with names that implied they contained video instructions on how to protect yourself from the virus, updates on the threat and even virus detection procedures.
These files contained a range of threats, “including Trojans and worms that are capable of destroying, blocking, modifying or copying data, as well as interfering with the operation of computers or computer networks”.
“The coronavirus, which is being widely discussed as a major news story, has already been used as bait by cybercriminals. So far, we have seen only 10 unique files, but as this sort of activity often happens with popular media topics then we expect that this tendency may grow. As people continue to be worried for their health, we may see more and more malware hidden inside fake documents about the coronavirus being spread,” said Anton Ivanov, Kaspersky’s malware analyst.
The Coronavirus outbreak has been declared as a health emergency by World Health Organistation (WHO) with more than 150 deaths and 7,000 confirmed cases.