Hackers Taking Advantage of Coronavirus Panic - Report

In most cases, hackers are using these domains for phishing attempts.
Hackers Taking Advantage of Coronavirus Panic - Report
Hacker (photo credit: INGIMAGE / ASAP)
  March 5, 2020,  The Jerusalem Post
The coronavirus has led to widespread panic in many parts of the world, but new research by Israel's Check Point finds that hackers are taking advantage of the disease.
Since January 2020, there have been more than 4,000 coronavirus-related domains registered globally, according to Check Point’s Threat Intelligence. Of those, at least 5% are malicious and an additional 5% are suspicious.
“The malicious rate of the coronavirus-related domains is 50% higher than the overall rate of all domains registered at the same time period,” Check Point explained in a release. It is also higher than recent seasonal themes, such as Valentine’s Day.
The company explains that in most cases, hackers are using these domains for phishing attempts. Phishing is considered a cybercrime. Hackers “phish” for your personal information, such as your banking and credit card details or passwords.
Check Point provided an example of such a campaign that it discovered was targeting local organizations in Italy.
“Due to the number of cases of coronavirus infection that have been documented in your area, the World Health Organization has prepared a document that includes all the necessary precautions against coronavirus infection. We strongly recommend that you read the document attached to this message,” an email message read that was sent to more than 10% of all organizations in Italy.
If the user clicked on the document to "enable editing" or "enable content," this action downloaded the Ostap Trojan-Downloader, a trickbot that is a dominant banking Trojan.
Moreover, Check Point discovered that the letter, which appeared to be signed by an Italian doctor with the World Health Organization, was also fake.
“We did a search online and could not find a doctor by the name of Penelope Marchetti with WHO or Organizzazione Mondiale della Sanita,” Check Point said. “Also, the senders’ email addresses are not from the official WHO or OMS domains. Most of them were not Italian at all.”
Check Point advises that users be cautious during this sensitive time and make sure only to open attachments from known sources. It says to beware of “special” offers, too.
“‘An exclusive cure for coronavirus for $150’ is usually not a reliable or trustworthy purchase opportunity, but more likely fraud,” Check Point said.
You can learn more about the threat and ways to prevent being targeted on Check Point’s blog: https://blog.checkpoint.com.

Related News