When you hear the word “Virus”, the first thing that comes to your mind is “something bad for my PC”. Although 2020 is an exception because these days “virus” is mostly related to health, there are still some notorious hackers out there who are exploiting the coronavirus issue to steal your data. Recently a group of young hackers used a trojan horse malware to infect victim’s pc and steal data such as password username and browsing history. They build a window application that displays the total number of coronavirus cases across the globe on an interactive map. This lucrative map application proved to be insidious as it carries an AZO Rolt malware that can copy all the passwords, browsing history, cookies, information related to cryptocurrencies and many such things and transfer back to hackers. Although this malware is not new in the cyber world, available since 2016, the new coronavirus map technique is making a lot of gullible users to fall for it. The payload with this downloadable map is fairly small (4mb) so it usually doesn’t ask for much scrutiny from the user.
State and Government
In complete honesty, these cyber-attacks don’t come as a surprise because this is not the first time that hackers have tried to exploit any tragedy and a pandemic. Cyber-attacks related to the Paris terror attacks of 2015 epitomized this. But what surprises us is that these condemnable activities are not only practiced by amateur hackers but also by government-backed hacking groups. According to a report, China, North Korea, and Russian govt backed hacker groups are using covid19 to lure victims and to hack in their system and spread misinformation which is causing wide distress around the globe.
A Chinese govt backed advanced persistent threat group is using covid19 to spread malware dubbed as the vicious panda. This attack uses two rich text format (RTF) files to target Mongolian public sector workers. These files are shared via email and once opened they can take a screenshot of the victim’s system. This attack can transfer information of a list of all the files in victims’ PC. In another attack, a Russian group called “hades” is using a back door trojan to spread disinformation across the globe. They are spreading spam emails and sharing false information with the majority of the Ukrainian population. The series of emails claimed that the coronavirus has entered their country and it incited fear among citizens which even led to riots in some places.
Cybercrimes are increasing as more and more people have started to work from home and not from more secure offices where the internet is secured, reliable and harder to crack into. Also, there is a dedicated IT team that keeps track of all the malicious activities to protect you from every possible distinct danger. But there are some groups which instead of stealing data are trying to trick users into paying them money directly into their bank accounts. One such group created an app named “Covid19 tracker”. This app claims to track all the number of corona affected patients but what it does is fill your device with bloatware. It requests access to lock screen and other accessibility settings, which by the way are not at all required for a genuine tracking app. Then this app displays a warning message on the lock screen that your system is under danger and locked. It only allows you to unlock your device only once you agree to pay $100 in bitcoins. This app is not available on the app store but can be downloaded via websites easily accessible to the public. These kinds of attacks are easily avoidable if people are more aware of cybercrime and are more conscious of their online activities. No major genuine business uses bitcoin as their primary payment gateway
How to be safe?
These are hard times, people can’t move freely, they can’t go to their jobs and there is a lot of palpable tension in the air. But all these reasons are not enough to let your guards down while surfing the internet. Strictly avoid downloading apps that are not on play store, make sure to keep your operating system updated with the latest versions for better security. Also, try not to download tracking applications related to the coronavirus. To get the most accurate information about it, you can refer to the john Hopkins website which is completely safe and trustworthy.
Remember that in these tough times the government has bigger problems at their hand, so the onus of cybersecurity falls on users’ shoulders.