03.16.2020 - Hack Alert - Coronavirus Maps Loaded with Malware

Hack Alert: Malware Being Loaded into Coronavirus Maps

Amid the COVID-19 virus crisis, cybercriminals are working overtime to concoct new and difficult-to-detect methods to steal the personal information of individuals and sensitive information of organizations. We’ll occasionally alert our followers of the latest scams and provide tips to avoid them.

We’ve already warned about phishing attacks disguised as government emails, including the World Health Organization. Now, cybercriminals are exploiting coronavirus tracking maps as their hunting ground. It was recently discovered that hackers are using these maps to steal personal user information like passwords, credit card numbers, social security numbers, and other data stored in your browser.

The techniques are still the old, tried-and-tested ones – phishing and/or spear-phishing to lure users into downloading and using these tracking maps and dashboards that purport to have come from official health authorities.

Krebs on Security reported one specific attack – malware loaded into an interactive dashboard of Coronavirus infections and deaths produced by John Hopkins University. It is being used in malicious websites (and possibly spam emails) to spread password-stealing malware.

According to the report, a member of several Russian cybercrime forums began selling a digital Coronavirus infection kit that uses the Hopkins map as part of a Java-based malware deployment scheme. The kit costs $200 if the buyer already has a Java code signing certificate and $700 if the buyer uses the seller’s certificate.

Here are tips to protect yourself:

  • Don’t open attachments from unsolicited or unknown sources
  • Get your information from official and trusted sources by going directly to their websites, not clicking links in unsolicited emails.
  • Beware of emails that try to create a sense or trust or urgency.
  • Mouse over a URL to see if its legitimate and where it’s really taking you.
  • Log-in directly to bank and other sites, never from a text or email link.

To assist businesses during the Coronavirus crisis, ERMProtect is providing free access to video animations that teach employees how to work safely online and remotely. They can be accessed on our YouTube channel or via SCORM packages available here: https://bit.ly/2Uaa23H

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

Intelligence and Insights

IT Risk Assessment

Uncovering Six Common Issues That Could Impact Your IT Risk Assessment

IT Risk Assessments play a critical role in protecting organizations against ever changing cyber threats …
Florida Bill

Florida Bill Would Give ‘Safe Harbor” Against Breach Suits to Organizations with Recognized Cybersecurity Programs

This is one in a series of articles by ERMProtect tracking key changes in cyber regulations, standards, and laws that could impact our clients and prospective clients …
Data Breaches in 2023

What Can We Learn from the Top 10 Data Breaches in 2023?

Here are some of the biggest breaches of 2023 to see what lessons they offer that could help organizations become less vulnerable to data theft this year …