After spammers targeted users with phishing emails abusing the Coronavirus pandemic, cybercriminals are now using other methods to exploit every chance to prey on internet users and infect users with malware.
Several organizations have made dashboards (coronavirus maps) to keep track of COVID-19. But now, hackers have found a way to use these dashboards to inject malware into computers.
The threat was first spotted by MalwareHunterTeam last week and has now been analyzed by Shai Alfasi, a cybersecurity researcher at Reason Labs.
Shai Alfasi, a security researcher at Reason Labs, discovered that hackers are now creating fake versions of these dashboards to steal information including user names, passwords, credit card numbers and other data stored in users’ browsers.
The malware attack tricks those who are looking for cartographic presentations of the spread of COVID-19 on the Internet, to download and run a malicious application. On its front-end, the application shows a map loaded from a legit online source but in the background, it compromises the computer.
These websites pose as genuine maps for tracking coronavirus but have a different URL or different details from the original source.
Alfasi noted that this method used malicious software known as AZORult, which was first found in 2016. The software is designed to steal data from computers and infect them with other malware as well.
“It is used to steal browsing history, cookies, ID/passwords, cryptocurrency and more. It can also download additional malware onto infected machines. AZORult is commonly sold on Russian underground forums for the purpose of collecting sensitive data from an infected computer,” noted the researcher.
At the time being, the malware only affects Windows devices but Alfasi expects that hackers will find a way to develop a new version that can infect other operating systems as well.
To avoid falling victim to this latest coronavirus scam, it is recommended that users only check verified dashboards such as the one from John Hopkins University for information regarding the virus.
Alfasi suggests Reason Antivirus software as the solution to fix infected devices and prevent further attacks.