As people seek out information about the spread of COVID-19, hackers are circulating fake world maps that are tracking the spread of coronavirus but are actually infecting people’s computers with malware when opened. How are the hackers getting people to visit these websites? Hackers get people by circulating links to the malicious websites by using social media or through misleading emails disguised as COVID-19. To give the fake and malicious map an extra aura of authenticity, criminals have designed it to mimic a legitimate COVID-19 threat map created by Johns Hopkins University that similarly shows countries hit by the virus together with the latest statistics.
As you can see, the fake corona-virus map is almost an exact replica of the legitimate one. These websites compel the user to download an application to stay updated on the latest news about the virus. Interestingly, this application is not installed but presents a map that reveals how the virus is spreading across the globe. This malicious map generates a binary file called CoronaMap.exe that gets installed on the victim’s device. The sites are infected with Azorult malware, which is a data-stealing malware discovered in 2016.
Innocent users are most likely to click on the wrong/malicious links and get their login credentials including usernames and passwords and financial information exposed or even hacked. There are genuine maps available that can be used to track coronavirus but keep in mind that hackers are using have fake URLs and their fake maps possess similar details with minor differences from other sources to trick users into believing that they are viewing a credible site.
The Coronavirus health epidemic is the current favorite topic to cybercriminals, and the way cybercriminals are using the Coronavirus disaster to spread fear and infect users’ devices with many different forms of viruses continue to change and expand. Cybercriminals with no nation-state ties have also been playing the Coronavirus card heavily trying to monetize on their targets’ COVID-19 fears.
Thanks for reading this!! Stay safe and healthy out there 🙂
was formed in 2015 by a group of Cyber-security practitioners with experience in large enterprise. Our mission is to bring those frameworks and practices to help small to medium businesses get and stay cyber secure.
Our team can help you asses your current information Security and Privacy Controls to ensure that you are doing you due-diligence in managing your corporate risk profile.
If any gaps or vulnerabilities are discovered, our team will document these as well as define a road-map to remediation.