Hackers are Sending Fake Coronavirus Fishing Mails to Steal Bitcoin

Posted on March 14, 2020 at 11:49 AM

Hackers are Sending Fake Coronavirus Fishing Mails to Steal Bitcoin

As the world continues to stay under panic mood as a result of the spread of Coronavirus, hackers are taking advantage of the situation to steal money and data from users.

After they have disguised as coronavirus informants to install malware on users’ pc, the hackers are now sending phony coronavirus tracking apps to deceive people into downloading ransomware.

Coronavirus-related domain registration on the increase

Researchers at cybersecurity company DomainTools discovered that there is an increased number of domain registrations related to Coronavirus. When the research team was investigating the situation, it found out that a particular site, known as coronavirusapp[.]site, has been asking users to download and install an android app to help them track the spread of the virus.

But the actual job of the app is fronting as ransomware known as CovidLock. The app automatically alters the lock screen password and asks the user to pay $100 before unlocking it.

The fake website is organized in such a way to convince anyone of its genuinely, as the app claims it has received certification from the World Health Organization (WHO).

The cybercriminals also revealed the app has 4.4 ratings from 6 million reviews.

According to the description on the app, it says it can send an automatic notification when a coronavirus patient is near you.

After installing the app, its request for some permission to access some of the user’s info, including their lock screen.

Based on the content mixed with SSL and malware certificate of the side, DomainTools researchers suggested that the hackers could be behind other android malware and pornographic malware attacks around the world.

Ransomware still at an infancy stage

The research team said that it seems the ransomware had not expanded much since their operation. It also revealed that there has not been any case where any user paid the amount the hackers are requesting.

The research team also advised users on how to stay safe from these attacks. According to the team, users can protect themselves from becoming victims by staying away from scammy coronavirus-related domains.

Also, users should only install their apps from Play Stores and not from anywhere else. They should not even try to give such scammy groups attention, because the criminals can easily convince their intended victims into submitting to their demands.

The exploitation of fear surrounding the pandemic

The cybercriminals who are exploiting fears surrounding Coronavirus are spreading dangerous malware and infiltrating government systems.

The researchers said the attackers generally take advantage of these periods because users are more likely going to become victims in situations like this.

According to the founder of cybersecurity firm ImmuniWeb, Ilia Kolochenko, “Coronavirus is a formidable and fairly unprecedented opportunity to trick panicking people amid the global havoc and mayhem.”

Security experts have even coined a name for the new trend known as “Fearware”. These criminals have often used any global event as an avenue to perpetuate their cybercriminal activities.

Attackers using phishing emails to infect government systems

Another form of attack is from well-designed phishing emails that seem to originate from health authorities. On the contrary, the phishing mail contains malicious software that can steal users’ data and take complete control of their device.

According to the head of security at Cybersecurity firm Darktrace, Max Heinemeyer, “Fearware” attacks are difficult to defend because each attack comes with a unique approach. Email security tools usually block any familiar phishing attacks. But because each new Fearware campaign is different from the previous ones, it becomes difficult to identify and block them.

He further pointed out that the cyberattacks that disguise as offering security information are less likely to raise alarm bells. That’s why it’s very easy for people to regard them as genuine.

In the previous hacking attempts, the Russian-language cybercriminals shared an interactive map showing the spread of Coronavirus. The map was initially designed by John Hopkins University to offer real-time updates on the spread of the disease. However, the criminals took advantage of the situation and started sending malware to those who would open the mail thinking it’s from John Hopkins University.

Summary
Hackers are Sending Fake Coronavirus Fishing Mails to Steal Bitcoin
Article Name
Hackers are Sending Fake Coronavirus Fishing Mails to Steal Bitcoin
Description
As the world continues to stay under panic mood as a result of the spread of Coronavirus, hackers are taking advantage of the situation to steal money and data from users.
Author
Publisher Name
Koddos
Publisher Logo

Share this:

Related Stories:

Aug 30, 2023
Stolen Data Threat: Rhysida Ransomware Gang Targets Prospect Medical Holdings
Aug 29, 2023
Compromised routers allowed online criminals to target Pentagon contract site
Koddos

Newsletter

Get the latest stories straight
into your inbox!

Popular Articles

Aug 30, 2023
Stolen Data Threat: Rhysida Ransomware Gang Targets Prospect Medical Holdings
Aug 29, 2023
Compromised routers allowed online criminals to target Pentagon contract site
Aug 28, 2023
1.2 million customers of Mom’s Meals were affected after the recent data breach
Aug 28, 2023
How VPNs Can Defend Against the Threat of Hacking
Aug 23, 2023
Terra Developers Shut Down Website Amid A Phishing Campaign

YOUTUBE

Discover more from KoDDoS Blog

Subscribe now to keep reading and get access to the full archive.

Continue reading