Fake News Uses Coronavirus To Spread Malware

Uploaded on 2020-02-10 in TECHNOLOGY--Hackers, FREE TO VIEW

Cybercriminals are using fake email messages about coronavirus Covid-19 to spread the Emotet Trojan as well as other malware, according to a report released this week by Kaspersky

In Japan  the Emotet Trojan, a particularly damaging of malware that has been devastatingly effective, attacking governments and financial institutions. 

An email discovered by IBM found that cybercriminals were sending emails under the guise of being part of a disability welfare service provider in Japan. The emails falsely claim that there are reports of coronavirus patients in the Gifu, Tottori and Osaka prefectures in Japan, urging victims to read an attached Microsoft Word document which contains the Emotet Trojan. 

The messages are particularly dangerous because they were made to look like official government emails, equipped with legitimate addresses, phone numbers and emails.  

Malicious files disguised as documents relating to the coronavirus have also been spotted by Kaspersky’s threat detection technology, exploiting people’s fears of infection to spread malware and other cyber threats. The malicious files discovered by Kaspersky’s researchers were disguised as pdf, mp4 and docx files about the coronavirus. In each case the filenames implied that they contained useful information on how to protect yourself from the coronavirus, information on how to detect it, and news updates.

In reality, the files contained various threats including Trojans and worms capable of destroying, blocking, modifying or copying and exfiltrating personal data, as well as interfering with the victims’ computing equipment or networks.

Coronavirus
Coronaviruses are a family of respiratory infections that includes both mild illnesses such as the common cold and more serious ones such as Sars and Mers. The variant in question emerged in Hubei province in central China in December 2019. It has now spread to every other province of mainland China and several other countries, including Australia, France, Japan, South Korea, Taiwan, Thailand and the US. The nature of coronaviruses and the difficulty of reporting cases accurately in some areas means the true number is probably unknown. The new coronavirus variant has now been named Covid-19 by the World Health Organisation.

Coronavirus News Used To Spread Malware
“The coronavirus, which is being widely discussed as a major news story, has already been used as bait by cyber criminals,” said Anton Ivanov, a malware analyst at Kaspersky. “So far, we have seen only 10 unique files, but as this sort of activity often happens with popular media topics then we expect that this tendency may grow. As people continue to be worried for their health, we may see more malware hidden inside fake documents about the coronavirus being spread.”

High-profile events, news stories and offline threats are almost inevitably exploited by cyber criminals to spread malicious files or run scams on victims and often play on justified concerns. Already in 2020, criminal gangs have exploited the Travelex ransomware attack to conduct telephone scams. As always, users can take a number of simple steps to avoid falling victim to malicious files masquerading as legitimate content. 

Recipients should avoid clicking on unsolicited, suspicious links sent to them that claim to be exclusive content, rather than going direct to official sources for accurate and trustworthy information on the coronavirus. It is also advisableto look closely at the three letter file extension as legitimate documents and video files will rarely if ever be in .exe or .lnk formats.

Elsewhere in the industry, the coronavirus outbreak has also begun to affect the IT supply chain. In its most recent quarterly results announcement this week, Apple said it was working on contingency and mitigation plans to protect production facilities in Chinas.

Computer Weekly:        TechRepublic:        BankInfoSecurity

You Might Also Read: 

Email Malware Targeting US Senators & Military:

 


 

 

« Big Cyber Attack Hits Iran
Spies Really Like Artificial Intelligence »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Navista

Navista

Navista's hardware and software modules are especially designed to ease the deployment of secure networks.

Information and Communication Technology Authority (ICT Authority) - Kenya

Information and Communication Technology Authority (ICT Authority) - Kenya

The ICT Authority is responsible for enforcing ICT standards in Government and ensuring information security.

Navarino

Navarino

Navarino is the maritime industry’s most advanced communications and connectivity company. We develop advanced technologies and innovative IT solutions including cyber security.

Elemendar

Elemendar

Elemendar Artificial Intelligence reads cyber threat reports written by humans and translates them into industry-standard, machine-readable and machine-actionable data.

Morphus Information Security

Morphus Information Security

Morphus is an information security company providing Red Team, Blue Team and GRC services as well as conducting research in cybersecurity and threat analysis.

Risk Based Security (RBS)

Risk Based Security (RBS)

Risk Based Security provide the most comprehensive and timely vulnerability intelligence, breach data and risk ratings.

Technology Law Alliance (TLA)

Technology Law Alliance (TLA)

Technology Law Alliance is a specialist IT law firm focussed on the fields of technology, outsourcing and e-commerce.

Root9B (R9B)

Root9B (R9B)

R9B offers advanced cybersecurity products, services, and training to enhance the way organizations protect their networks.

FraudScope

FraudScope

FraudScope is an AI-assisted platform that accelerates the identification of fraud, waste, and abuse.

Depth Security

Depth Security

Depth Security assessment services provide organizations with real-world visibility into threats facing their infrastructure and applications.

Cyral

Cyral

Easily observe, control, and protect your data endpoints in a cloud and DevOps-first world. Discover Data Mesh Security with Cyral.

Aiden Technologies

Aiden Technologies

Aiden simplifies your IT process, giving you peace of mind and security by ensuring your computers get exactly the software they need and nothing else.

Birch Cline Cybersecurity

Birch Cline Cybersecurity

Birch Cline specializes in helping Local Government and Education agencies, as well as mid-market organizations, build and maintain successful cybersecurity programs.

Labaton Sucharow

Labaton Sucharow

Standing on the horizon of law and technology, our Cybersecurity and Data Privacy Practice helps to protect consumers who have been harmed by businesses’ failures to safeguard their customers' data.

HTX (Home Team Science & Technology Agency)

HTX (Home Team Science & Technology Agency)

HTX brings together science and engineering capabilities to transform the homeland security landscape and keep Singapore safe.

HeroDevs

HeroDevs

HeroDevs is the trusted leader in providing secure, long-term support for deprecated open-source software.