While the world attempts to take control over the spread of the Coronavirus, and tries to contain, eliminate and prevent it from spreading, hackers around the globe have found the Coronavirus serving them well as an enabler for their activities.
The latest Global Threat Index for January 2020 shows cyber-criminals are exploiting interest in the global epidemic to spread malicious activity, with several spam campaigns relating to the outbreak of the virus.
Viruses can be transmitted in various forms, through saliva, touch or even through air, and malware is similar in the sense that it finds different vectors to penetrate.
Right after the huge global attention around the Coronavirus, cyber criminals started using the interest to spread their malicious activity.
In January and February 2020 the most prominent Coronavirus-themed campaign targeted Japan, distributing Emotet in malicious email attachments pretending to be sent by a Japanese disability welfare service provider. The emails appeared to be reporting where the infection is spreading in several Japanese cities, encouraging the victim to open the document for more information. When the document was opened, Emotet was downloaded onto the victim’s computer.
Emotet is an advanced, self-propagating and modular Trojan. It was originally a banking Trojan, but recently has been used as a distributor of other malware or malicious campaigns. It uses multiple methods to maintain persistence and evasion techniques to avoid detection. It can also spread through phishing spam emails containing malicious attachments or links.
In addition to email campaigns, since the Coronavirus outbreak, researchers have observed a noticeable number of new websites registered with domain names related to the virus.