COVID-19 has claimed close to 5000 lives across the world and has been classified as a pandemic by the World Health Organisation (WHO). However, cybercriminals are busy exploiting the coronavirus scare to spread malware.
As the number of active coronavirus victim rises with each passing day, everyone's keeping a close eye on the spread of the disease. Several organisations have made dashboards to keep track of the SARS-Cov-2 or Coronavirus but fraudsters have found a way to use these maps to hack your computer.
Fake Coronavirus dashboards
Shai Alfasi, a Reason Labs security researcher, found that hackers are using coronavirus dashboards to steal information of users including user names, passwords, credit card numbers, and other information stored in the victim's internet browser. Alfasi said that hackers are mostly using malicious software AZORult to execute the attack.
He explained that AZORult was first created in 2006 with the aim to infect computers and steal data from it. "It is used to steal browsing history, cookies, ID/passwords, cryptocurrency and more. It can also download additional malware onto infected machines," he said.
"AZORult is commonly sold on Russian underground forums for the purpose of collecting sensitive data from an infected computer," he added. Alfasi also said that hackers are targeting only Windows devices at the moment but could soon come up with ways to attack other devices as well.
Don't use unreliable dashboards to track Coronavirus
First of all, check the developer of the dashboard. Do not use a Coronavirus map developed by an unauthorised source. Hackers have copied the designs of genuine dashboards to make their fake maps look real, so it could become really difficult to differentiate between the verified and the fake ones. However, the fake dashboard could include spelling errors and a different font style. Apart from that, you can check the authenticity of a dashboard from its URL.
Fake Coronavirus dashboards aren't the only way cybercriminals are tricking people. They have been posing as WHO authorities to send phishing emails and asking people to click on malware infused PDF files to see precautions against Coronavirus. Fraudsters were also using fake Coronavirus related apps to trick people, but thankfully these have been removed from both Play Store and the App Store.