How Hackers Take Advantage of the Coronavirus!

In the past few months, you have probably followed the rapid evolution of coronavirus cases worldwide, especially in the USA, Brazil, and, more recently, in India, forcing the adoption of a series of measures to curb the spread of the disease that has changed the day to day in companies.

Now, however, in addition to the already known dangers of the disease for those infected, especially those who are part of the so-called “risk group”, which includes the elderly, people with asthma, with heart disease, smokers, and diabetics, it is necessary to be aware to the cyber threats that are emerging as a consequence of the crisis, as hackers are using all the tools at their fingertips to take advantage of the Coronavirus concern to spread phishing and social engineering scams.

Phishing campaigns, fraudulent promotions, and “disinformation” campaigns are among the most common forms of attack. A recent example was the attack suffered by the United States Department of Health and Human Services (HHS), which suffered a distributed denial of service (DDoS) attack after a campaign aimed at spreading panic during the COVID-19 pandemic.

According to a report from the security company Recorded Future, there is a significant increase in the registrations of websites related to Covid-19, some of which are used to steal information from recipients or attack their computer with malware.

Recorded Future released a list of potentially dangerous domains, an example of which is: coronavirus status; coronavirus-map;  coronavirus-realtime, with endings like .space, .com, .digital, .zone. Other security companies have discovered, through antivirus software, websites with malicious behavior that include the word coronavirus.

There are also registered domains that appear to come from the Centers for Disease Control and Prevention (CDC), when in fact they are from serious spammers. Besides, there is a record of at least one malicious coronavirus map which secretly installs malware that can steal information from PCs.

The recommendation to avoid being a victim of cybercriminals is to avoid visiting those sites, not opening emails from these domains, or any link within the body of the email, as well as the attached files. You simply have to close the email and delete it. Despite the multiplication of domains related to the coronavirus, there are still no reports of its link to criminal activities, which could happen at any time.

A malicious email will ask the user to enter a link or open an attachment to obtain more information on how to protect themselves from the coronavirus, for example. They also include Covid-19 phishing attachments, so you need to run an antivirus and any other security tools that can detect them, Recorded Future says.

The cybersecurity company also warns of the existence of "government spies" who are taking advantage of the coronavirus, spy groups associated with China, North Korea, and Russia sending emails to try to find routes of commercial networks, and are Targeted at industries that are particularly susceptible to shipping disruptions, including manufacturing, industrial, financial, transportation, pharmaceutical, and cosmetic.

These hackers send documents loaded with malware in a hidden way with spyware (spy program) that steals data, taking advantage of the interest in the Covid-19 situation. Anyone is a potential target for cybercrime or international spies, so the solution is not to open suspicious emails and dispose of them immediately.