“Hackers around the world have discovered that the coronavirus well serves them as a partner for their activities and have been uploaded to the wave of the epidemic.”
So what explained the firm’s expert in cyber-security Check Point, whose Index of Global Threats had warned in January that the offenders were exploiting the interest in the disease to spread malicious content, primarily through the campaigns of junk emails (“spam”).
Since begun 2020, the company has registered over 4,000 domains related to the coronavirus – worldwide, 3 percent of which were downright malicious and 5 percent are suspects.
“The domains related to the coronavirus have 50 percent more likely to be malicious than others registered in the same period”, he explained on his blog.
Many are used for phishing attempts (phishing), as a Check Point discovered in Italy, the third country hardest hit by the bad, with almost 4,000 cases and approximately 150 cases fatal at the close of this edition.
In such a message, an alleged official of the World Health Organization (WHO), called Penelope Marchetti, urged the people to open an attached document that contained “all the necessary precautions against coronavirus infection”.
The e-mail with the subject “Coronavirus: important information on precautions” contains a malicious file called f###########.doc (where # are digits). Of course, the signer does not work for the agency, and the addresses of the senders do not belong to official domains.
By clicking on the icon, it will download Ostap Trojan-Downloader, which installs Trickbot, a trojan “that is constantly updated with new capabilities, features and vectors of distribution, (…) a malware flexible and customizable that can be distributed as part of campaigns multipurpose”.
For these reasons, Check Point delivered the following recommendations:
- Be careful with e-mails and files from unknown senders, especially if they request a particular action that wouldn’t normally do.
- Make sure to order products from authentic sources. One way to do this is to not click on promotional links in e-mails and, in its place, search on Google the retailer and click on the link of the results page of Google.
- Careful with the offers as “special”. “A cure exclusively for the coronavirus for $ 150” is not usually a purchase legit, but a fraud, very likely. For the moment, there is no cure. If there is any, do not offer by e-mail.
Recommendations of the editor