<div style="margin:20px 0 0 200px"> To view the site, enable JavaScript by changing your browser options, then <a href="">Try Again</a>.</div>

Hackers Are Taking Corona Camouflage to Hit Targets across the World

20 Mar, 2020
Hackers Are Taking Corona Camouflage to Hit Targets across the World

Hackers in the wild are taking advantage of the recent outbreak of the Corona pandemic to meet their intruding intentions.

You must be receiving a lot of messages over the internet and every digital platform regarding ways to prevent and cure the Corona virus.

Good samaritans all over the world are surely spreading awareness mails to save your life.

But you can never be sure.

Virus can be of any type medical, digital or even human.

Hackers around the world are taking advantage of the biological emergency facing planet earth to meet their evil ends by sending phishing e-mails masquerading as medical messages meant to help the Corona victims.

The emails often read "Offer information on how to defend against the real-world virus" as reported by Bleeping Computer, which accredited the campaign to Emotet.

According to them, spammers are sending out bulk emails stuffed with malware under the disguise of health help to target computers around the globe in order to strike gold in the present situation of global fear and helplessness.

These emails are designed as official notifications from public health centers and are attached with declarations on details of safety and cure measures against Corona borne maladies.

There is a large number of such infected email campaigns as tracked by cyber security agencies flooding the internet all cajoling the user to click and open spyware mail links to corrupt their systems.

The subjects of the emails including their document filenames are similar. They are written with different modifications of the current dates and the Japanese translation for the word 'notification' to indicate the emergency of opening the mail.

Kaspersky technologies too have discovered the syndrome of phishing files in the disguise of medicinal help in the name of Corona.

The files about Corona virus were marked pdf, mp4 and Docx. The names of files indicated that they were comprised of video instructions on protection rules from the virus, news updates on the threat and even detection process of the virus, though falsely.

On the contrary these files contained a host of threats from Trojans to worms which could be destroying, blocking, modifying or copying data and interrupting the operation of computers or computer networks.

"The corona virus, which is being widely discussed as a major news story, has already been used as bait by cybercriminals," said Anton Ivanov, Kaspersky malware analyst.

What are the measures that can be taken to prevent scam stars take advantage of an epidemic?

  • Organizations have to impose strict IT rules regarding cyber security and system policies, employing IT safety teams levying keywords on their email gateways.
  • Employees should be made cautious of receiving the right mail and deleting the rest with links like 'Corona virus' or '2019-nCoV' in body or subject line. Such emails from unknown subjects should be banned leaving out internal mails of the organization.
  • External mails with suspicious links to be investigated on.
  • With an increase in domain registrations related to the virus since the outbreak and bad actors sending bulk spams taking advantage of it, such new domains must be supervised in the respective networks. Keywords should be looked for in Proxy/DNS/Firewall logs. The domain names should be worked on and not TLD and URLs.
  • A use case is necessary for monitoring if anyone or any file is trying to call domain names with keywords as "corona" or "covid-2019", taking care that it is not applicable for URL or websites.
  • The focus must be on mainly on the domain destination scenarios, only the domain names.
  • Once an alert is received with their DNS records/AAA records understood it may or may not be concluded as suspicious.

ISOAH helps your organization be safe from malicious hacking attacks with its expert anti hacking audit.

Read more on Corona Virus and Cyber Security.

 

Read Other Articles

Read All Articles »

Hacking Tools

Explore All Hacking Tools »
UFTP - UDP based FTP with encryption
UDP based FTP with encryption

UFTP is an encrypted multicast file transfer program for secure, reliable & efficient transfer of files. It also helps in data distribution over a satellite link.

Read Details

Breaking News

Breaking News Of Each Month »
Cyber Scam in the days of Coronavirus & Lockdown
Cyber Scam in the days of Coronavirus & Lockdown

The recent pandemic was unexpected and unknown to most part of the world. It has changed our life and we are slowly adapting to our new lifestyle. The risks associated with the new lifestyle, both personal & corporate, are unknown to most of us.

Read Details