03.16.2020 - Hack Alert - Coronavirus Maps Loaded with Malware

Hack Alert: Malware Being Loaded into Coronavirus Maps

Amid the COVID-19 virus crisis, cybercriminals are working overtime to concoct new and difficult-to-detect methods to steal the personal information of individuals and sensitive information of organizations. We’ll occasionally alert our followers of the latest scams and provide tips to avoid them.

We’ve already warned about phishing attacks disguised as government emails, including the World Health Organization. Now, cybercriminals are exploiting coronavirus tracking maps as their hunting ground. It was recently discovered that hackers are using these maps to steal personal user information like passwords, credit card numbers, social security numbers, and other data stored in your browser.

The techniques are still the old, tried-and-tested ones – phishing and/or spear-phishing to lure users into downloading and using these tracking maps and dashboards that purport to have come from official health authorities.

Krebs on Security reported one specific attack – malware loaded into an interactive dashboard of Coronavirus infections and deaths produced by John Hopkins University. It is being used in malicious websites (and possibly spam emails) to spread password-stealing malware.

According to the report, a member of several Russian cybercrime forums began selling a digital Coronavirus infection kit that uses the Hopkins map as part of a Java-based malware deployment scheme. The kit costs $200 if the buyer already has a Java code signing certificate and $700 if the buyer uses the seller’s certificate.

Here are tips to protect yourself:

  • Don’t open attachments from unsolicited or unknown sources
  • Get your information from official and trusted sources by going directly to their websites, not clicking links in unsolicited emails.
  • Beware of emails that try to create a sense or trust or urgency.
  • Mouse over a URL to see if its legitimate and where it’s really taking you.
  • Log-in directly to bank and other sites, never from a text or email link.

To assist businesses during the Coronavirus crisis, ERMProtect is providing free access to video animations that teach employees how to work safely online and remotely. They can be accessed on our YouTube channel or via SCORM packages available here: https://bit.ly/2Uaa23H

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

Intelligence and Insights

PCI compliance companies

Leaning on PCI Compliance Companies to Navigate the Maze of PCI Compliance

These cases demonstrate the critical role of PCI compliance companies in helping businesses not only recover from breaches but also prevent future incidents through rigorous compliance practices …
PCI QSA Companies

Selecting the Right PCI QSA Company

The right PCI QSA company should act as a trusted advisor, helping to identify vulnerabilities and suggesting improvements to secure data and comply with PCI DSS requirements …
New York Cybersecurity Regulation

Tough New Amendments to New York Cybersecurity Regulation Kick in Soon

Entities must take proactive steps to assess their compliance with the amended Cybersecurity Regulation and rapidly work to address any gaps …