03.16.2020 - Hack Alert - Coronavirus Maps Loaded with Malware

Hack Alert: Malware Being Loaded into Coronavirus Maps

Amid the COVID-19 virus crisis, cybercriminals are working overtime to concoct new and difficult-to-detect methods to steal the personal information of individuals and sensitive information of organizations. We’ll occasionally alert our followers of the latest scams and provide tips to avoid them.

We’ve already warned about phishing attacks disguised as government emails, including the World Health Organization. Now, cybercriminals are exploiting coronavirus tracking maps as their hunting ground. It was recently discovered that hackers are using these maps to steal personal user information like passwords, credit card numbers, social security numbers, and other data stored in your browser.

The techniques are still the old, tried-and-tested ones – phishing and/or spear-phishing to lure users into downloading and using these tracking maps and dashboards that purport to have come from official health authorities.

Krebs on Security reported one specific attack – malware loaded into an interactive dashboard of Coronavirus infections and deaths produced by John Hopkins University. It is being used in malicious websites (and possibly spam emails) to spread password-stealing malware.

According to the report, a member of several Russian cybercrime forums began selling a digital Coronavirus infection kit that uses the Hopkins map as part of a Java-based malware deployment scheme. The kit costs $200 if the buyer already has a Java code signing certificate and $700 if the buyer uses the seller’s certificate.

Here are tips to protect yourself:

  • Don’t open attachments from unsolicited or unknown sources
  • Get your information from official and trusted sources by going directly to their websites, not clicking links in unsolicited emails.
  • Beware of emails that try to create a sense or trust or urgency.
  • Mouse over a URL to see if its legitimate and where it’s really taking you.
  • Log-in directly to bank and other sites, never from a text or email link.

To assist businesses during the Coronavirus crisis, ERMProtect is providing free access to video animations that teach employees how to work safely online and remotely. They can be accessed on our YouTube channel or via SCORM packages available here: https://bit.ly/2Uaa23H

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

Intelligence and Insights

Cybersecurity Incident

How to Prepare Your Organization for a Cybersecurity Incident

Preparing for a cybersecurity incident substantially decreases damage and costs and helps get companies back to business as quickly as possible …
cloud computing

Regular Penetration Testing Reduces Risks in the Cloud

Cloud penetration testing is a simulated attack to assess the security of an organization’s cloud-based applications and infrastructure, and it is critical in today’s digital world …
Information Technology (IT) risk assessments

Choosing the Right Risk Assessment Protects Against Cyber Threats

IT risk assessments provide invaluable benefits to the security of your organization. This article outlines key factors to consider …