Coronavirus Malware is on the Rise
By Iris Lin, 3/30/2020
As the COVID-19 crisis continues to affect the lives of millions of people around the world, cyber threats in the form of a “corona virus malware” have also emerged, taking the web by storm. Cyber hackers are exploiting the public’s concern over the global pandemic to infect users’ computers with malicious software. Fortunately, Cyber-security experts are also working to counteract threats by providing tips and solutions to help keep users informed. This post examines the types of corona virus driven malware currently lurking on the internet, and how to protect yourself and your online presence from being victimized.
CDC “Fake Health Alert” Email – a phishing email attack designed to steal usernames and passwords from users who click on the false link (within the email content). The link claims to connect users to a CDC.gov coronavirus website, but instead redirects users to a fake Microsoft Outlook login page controlled by cybercriminals waiting to poach user info. This is an example of online trickery known as “typo-squatting”, commonly found in email/web addresses and copied branding.
Password Stealing – Beware of a phony version of the Johns Hopkins University Interactive Dashboard of Worldwide Coronavirus Infections and Deaths, being spread through malicious sites and phishing emails to propagate password-stealing malware.
COVIDLOCK Ransomware – Targeting mobile phones through a malicious COVID-19 Tracker App deemed “CovidLock”. This Android specific ransomware application methodizes the “screen-lock” attack, which denies the victim access to their phone by forcing them to change their “unlock phone” password.
“Once COVIDLOCK infiltrates your device’s OS, it demands a ransom of $100 worth of Bitcoin or more, which must be paid in 48 hours.”
The ransom note offers a “password” which unlocks the screen and returns control back to the device’s owner. However, if the ransom isn’t paid by the deadline, CovidLock will erase all data stored on the phone. Counter Action: DomainTools, a Cyberthreat Intelligence company, has reverse engineered CovidLock’s decryption keys and released the information on their site for public view. To learn more about Domaintools’ decryption strategy, visit here.
Combat Coronavirus Malware: TIPS to Avoid disaster...
When browsing online, protect your device with the following tips.
1: Pause before you click. Before clicking on shared links, hover your mouse over the link and double check the site’s full address. Avoid auto-clicking on random sites, as accidental taps can cause you to open a malicious link.
2: Be wary of abbreviated links. Sometimes links and emails have shortened previews, or cut-off links such as “bit.ly” – which can redirect to malware infected sites.
3: Bookmark Breadcrumbs. To help your computer safely track your internet trail, use bookmarks for sites you frequently visit.
4: Password Manage your Memory. Save the correct links in your password manager to help your device autofill your login/password information for designated sites.
My Device is Infected. What should I do?
If you think your device has been infected, it’s important to seek help from your IT team as quickly as possible. Also be mindful of how you use the infected device going forward. If possible, switch to a different device when contacting a specialist for assistance. If the malware is on your company issued device, work with your in-house IT team (or outsource to a qualified MSP) to analyze the damage done. What types of sensitive information may have been compromised from your computer? Should you change or update any of your passwords or account information to lower risk of further infiltration? An assessment by IT pro’s will help get you answers and on the path to be virus free!
To download the PDF presentation on this topic: CLICK HERE