Hackers exploit coronavirus hype to spread computer viruses

Cyberattackers are manipulating people’s fears surrounding the coronavirus to steal sensitive personal information.

A hacker, who requests not to have his name revealed, works on his laptop in his office in Taipei July 10, 2013.
Reuters

A hacker, who requests not to have his name revealed, works on his laptop in his office in Taipei July 10, 2013.

The coronavirus outbreak has paved the way for hackers to carry out cyberattacks by spreading computer viruses.

Hackers have been sending messages with information about the coronavirus through email and other messaging platforms which then infect the recipient with malware.

Currently, corona-themed viruses have been spread in Japan by exploiting their sense of urgency, and proximity to China.

Proofpoint's threat intelligence team, a cybersecurity software company based in the US, warned in a blog post against threat campaigns on events which captures the world's attention.

The company noted one email, for example, where it read: Kyoto Prefectural Yamashiro Minami Public Health Center Welfare Room and Kyoto Prefectural Fundraiser.

The text of the message reads: "Cases of new coronavirus-associated pneumonia were reported in mainly Takeshi, China." It continues with "patients have been reported in Kanagawa Prefecture in Japan."

Afterwards, the mail urged people to click the "attached notice" to spread TA542, an attachment containing a virus, which includes a health guide.

The attachment launches malware, known as Emotet, that steals personal information and login details for banks and financial accounts.

Before coronavirus-themed attacks spread, Greta-Thunberg titled campaigns were undertaken across the world in countries like Australia, Germany, Hong Kong, Japan, Malaysia, Spain, Switzerland, United Arab Emirates, and the United States.

People from these countries were targeted with Greta Thunberg-themed lures as global warming was a hotly debated topic online at the time.

Today, hackers are not only using malware attached to emails but have also built websites that claim to provide coronavirus protection guides.

Experts suggest people visit "only verified and trusted websites."

Proofpoint security experts also suggested that "TA542 is a formidable threat actor group with advanced capabilities that enable them to move quickly in response to current events and even smartly, selectively target campaigns based on language and region.

"It's important security teams continue to secure their email channel and educate users regarding the increased risks associated with email attachments risks as Emotet is capable of downloading a range of additional malware, spreading across networks, and using infected devices to launch further attacks."

Route 6