Hackers are spreading malware through coronavirus maps

Coronavirus Map
(Image credit: John Hopkins University)

The ongoing coronavirus outbreak has disrupted business operations across the globe but cybercriminals are showing no signs of slowing down as they attempt to capitalize on people's fears surrounding the virus.

Back in January, hackers used the coronavirus to launch email campaigns that infected users with malware and now they've begun to use coronavirus maps to do so as well. 

Many organizations including John Hopkins University have created dashboards to keep track of the spread of the coronavirus and many people rely on these dashboards to stay up to date with the latest infection numbers. 

However, security researcher at Reason Labs, Shai Alfasi has discovered that hackers are now creating fake versions of these dashboards to steal information including user names, passwords, credit card numbers and other data stored in users' browsers.

Unlike legitimate coronavirus dashboards, these fake websites prompt users to download an application to help them stay updated on the situation. This application doesn't even need to be installed to infect a user's computer with malware. As of now, the malware only affects Windows devices but Alfasi expects that hackers will find a way to develop a new version that can infect other operating systems as well.

Fake coronavirus maps

In a blog post detailing his findings, Alfasi explained that these fake coronavirus maps are using malicious software called AZORult to infect users' machines, saying:

“The new malware activates a strain of malicious software known as AZORult. AZORult is an information stealer and was first discovered in 2016. It is used to steal browsing history, cookies, ID/passwords, cryptocurrency and more. It can also download additional malware onto infected machines. AZORult is commonly sold on Russian underground forums for the purpose of collecting sensitive data from an infected computer.”

Identifying these fake websites is easy enough as they often have a URL or details that are different from legitimate coronavirus dashboards.

To avoid falling victim to this latest coronavirus scam, it is recommended that users only check verified dashboards such as the one from John Hopkins University for information regarding the virus.

Via The Next Web

TOPICS
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Read more
Representational image of a cybercriminal
Criminals are spreading malware disguised as DeepSeek AI
NordVPN
US hit with over 1.9 billion malware threats last year - here's how to stay safe
Pirate skull cyber attack digital technology flag cyber on on computer CPU in background. Darknet and cybercrime banner cyberattack and espionage concept illustration.
Mac users targeted with new malware, so be on your guard
A digital representation of a lock
Security experts are being targeted with fake malware discoveries
Flags of Iran, China, Russia and North Korea on a wall. China North Korea Iran Russia alliance
Cybercrime is helping fund rogue nations across the world - and it's only going to get worse, Google warns
Fraude en ligne phishing
Google Search ads are being hacked to steal account info
Latest in Security
A graphic showing someone on a tablet working through a supply chain.
Security issue in open source software leaves businesses concerned for systems
ransomware avast
One of the most powerful ransomware hacks around has been cracked using some serious GPU power
person at a computer
Infamous ransomware hackers reveal new tool to brute-force VPNs
person at a computer
Many workers are overconfident at spotting phishing attacks
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
Microsoft 365 accounts are under attack from new malware spoofing popular work apps
Data Breach
Thousands of healthcare records exposed online, including private patient information
Latest in News
Pebble smartwatch countdown
Pebble confirms its smartwatch announcement is just hours away
Google DeepMind panel discussion
“More sovereignty and protection” - Google goes all-in on UK AI with data residency, upskilling projects, and startup investments
An image of the Nintendo Switch 2
Nintendo Switch 2 likely to have AI upscaling similar to PS5 Pro’s PSSR according to patent, and it could be a gamechanger for graphics on the upcoming console
PowerColor Red Devil AMD RX 9070 XT graphics card shown side-on
Your next GPU could be from AMD, not Nvidia, if Team Red’s success with PC gamers continues
Quordle on a smartphone held in a hand
Quordle hints and answers for Tuesday, March 18 (game #1149)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Tuesday, March 18 (game #380)