Coronavirus used in malware attacks
The coronavirus disease (COVID-19) is being used as bait in email spam attacks on targets around the globe. As the number of those afflicted continues to surge by thousands, campaigns using the dreaded and feared virus as a lure are also increasing, said researchers at Trend Micro.
Referencing current events in email spam attacks is nothing new for attackers, who time and again exploit the timeliness of hot topics, occasions, and popular personalities in their social engineering strategies.
A rise in the use of the words “coronavirus” and “corona” in malware names and malicious domains has also been observed.
Trend Micro researchers acquired email samples sent to and received from all over the globe, including the U.S., Japan, Russia, and China. These emails, purportedly from official organizations, contain updates and recommendations connected to the disease. Like most email spam attacks, they also include malicious attachments.
Tactics used by hackers
One of the samples used the email subject “Corona Virus Latest Updates” and claimed to come from the Ministry of Health. It contained recommendations on how to prevent infection, and came with an attachment that supposedly contained the latest updates on COVID-19 but actually carried malware.
Quite a few of the spam emails related to shipping transactions, announcing either a postponement due to the spread of the disease or a shipping update. One email informed recipients about a shipping postponement. The attachment, supposedly containing the details of the new shipping schedule, carried malware. The email is assumed to come from Japan, and included details written in Japanese.
Other samples were detected in foreign languages such as Italian and Portuguese. The email in Italian claimed to offer important information about the virus, while the email in Portuguese discussed a supposed vaccine for COVID-19.
As the virus spreads, more of these campaigns can be expected. People and companies that follow cybersecurity best practices can help keep these attacks from spreading and harming their companies.
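A mail-triage heuristic for the lures described above, added here as an example and not taken from Trend Micro or this article: it flags a message that combines the reported keywords with an attachment, or that links to a domain containing those keywords. The function name, reason labels, and sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from urllib.parse import urlparse

# Keywords the article reports in lure subjects and malicious domain names.
THEME = re.compile(r"corona|covid[\s-]*19", re.IGNORECASE)
URL = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def triage(raw):
    """Return the reasons a raw RFC 5322 message deserves analyst review."""
    msg = message_from_string(raw, policy=policy.default)
    attachments, texts = [], [str(msg.get("Subject", ""))]
    for part in msg.walk():
        if part.is_multipart():
            continue
        if part.get_filename():
            attachments.append(part.get_filename())
        elif part.get_content_maintype() == "text":
            data = part.get_payload(decode=True) or b""
            texts.append(data.decode(part.get_content_charset() or "utf-8", "replace"))
    text = "\n".join(texts)
    reasons = []
    # Themed text alone is common in legitimate mail; require an attachment too.
    if THEME.search(text) and attachments:
        reasons.append("themed-attachment:" + ",".join(attachments))
    for url in URL.findall(text):
        host = urlparse(url).hostname or ""
        if THEME.search(host):  # keyword in the domain itself
            reasons.append("themed-domain:" + host)
    return reasons

# Constructed sample messages for illustration, not real campaign mail.
LURE = """\
From: Ministry of Health <updates@sender.example>
Subject: Corona Virus Latest Updates
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Recommendations attached. See also http://corona-updates.example/info
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="latest_updates.doc"

constructed placeholder bytes
--b1--
"""
BENIGN = "From: hr@corp.example\nSubject: COVID-19 office policy\n\nWork from home.\n"
```

Substring matching on these keywords produces false positives, so the output is a signal for routing mail to attachment scanning or analyst review, not a verdict.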