Internet users need to be on the lookout for information stealing software that can be disguised as a coronavirus map or news item. Many computers around the world have already been infected when the user unknowingly clicked on a link to a map of coronavirus cases around the world that was disguised as a legitimate news source.
Fake coronavirus threat maps have been discovered circulating the web, which will attempt to steal sensitive information from a user’s computer when opened. Various kinds of scams from price gouging to internet attacks have shown that certain kinds of individuals who want to take advantage of others will not be deterred, even during the largest pandemic in recent history. In the United States, criminal charges have already been filed against some individuals who attempted to hoard and resell essential items at high prices.
A security analyst found that the coronavirus map appeared through a web link, which was tied to an executable file that would run when the user clicks on it. The link appears to open a real map that mirrors statistics found on other sites covering the global spread of the virus. It most closely mirrors the map used on the Johns Hopkins University website. The security expert that first discovered and reported on this phenomenon said that it looks well designed and could easily fool many users. The links to the malicious map were known to be contained in emails that had been widely circulated. If a user opens the map through the links in the email, their computer will be infected.
A similar group of information stealing programs has been around the internet since 2016. The panic tied to coronavirus has given information thieves plenty of new targets as people frantically attempt to read and track the news for updates. These types of malware programs are usually found on certain Russian forums where discussions and exchanges of all kinds of illicit activity happen.
This kind of malware is particularly concerning because it can steal stored passwords and credit card information from a user’s browsing history, as well as opening the computer up to downloading additional harmful programs. Some versions of this program are now also attempting to get information to access valuable cryptocurrency accounts. Once a user has clicked on the map, their finances and identity can be compromised.
The programs work by creating a unique ID each time a new computer is infected. The malware will then begin to extract data and create encryption to communicate between a server where the stolen info is stored. The server can provide criminals with web browser paths and other info, along with access to other files on the infected computer.
Taking advantage of disaster times
The patterns of behavior seen from these information thieves, price gougers, and others kinds of opportunists is common during emergency times. Various online retailers such as Amazon and eBay have already been shutting down various kinds of illegal sales since the pandemic began weeks ago.
People should be especially careful of where they browse on the internet in the coming weeks, and only get their information from known news sources.