Coronavirus, Hackers started using the interest to spread malicious activities

Coronavirus is spreading very fast, and people around the world is in fear. Officials are trying to contain, eliminate, and prevent this dangerous virus from spreading. Otherhand, Cybercriminals are misusing interest in the global epidemic to spread malicious attacks via different-different malicious campaigns relating to the outbreak of the Coronavirus.

Check Point’s report about Global Threat Index 2020 shows some hackers are misusing interest in the global epidemic to spread malicious spam activities, with different geographical targeting related to Coronavirus outbreak.

A spam campaign related to Coronavirus targeted Japan, spreading Emotet – a leading malware type for the 4th month running – via malicious email attachments pretending to be sent by a Japanese disability welfare service provider. The malicious emails perform to be reporting across Coronavirus affected locations, asking the victims to open the attached documents, which, if opened, cybercriminals attempt to install Emotet on their computer machine.

Coronavirus malicious activities via emails

Researchers also detect malicious Lokibot samples – the 8th most popular malware this month. Cybercriminals sending emails to Indonesians, on how they can protect themselves from dangerous Coronavirus. This virus spam campaign may grow even more broadly increased in the near future. The report also shows that there has also been a surge in unlawful activities via websites using Coronavirus name, allegedly selling vaccinations against this dangerous spreading virus.

Coronavirus malicious activities — Image: Check Point

May be these new domains registrant, use this domain for phishing attempts. For example– a website (vaccinecovid-19.com) was registered in Russia on Feb 11, 2020, this website is unsecure and offering user “the best and fastest test for Coronavirus detection at the fantastic price of 19,000 Russian rubles (about US$300)”.

Last month, we saw an increase in attempts to exploit the “MVPower DVR Remote Code Execution” vulnerability, affecting 45% of companies across the world. This grew from being 2nd most exploited vulnerability in December 2019 to the top spot this month.

The “Web Server Git Repository Information Disclosure” follows closely behind, with a global impact of 44%, rising from 3rd position to 2nd position this month.

In the last four months, the top cybersecurity threats have continued the same versatile, multi-purpose malware families, including Emotet, XMRig, and Trickbot. Collectively, these top three malware types impact 30% of companies globally. These cybersecurity attacks can be significantly damaging, leaving businesses vulnerable to data-stealing, extortion, or interruption in the business flow. Companies should advise their employees about the risks of opening, downloading or clicking on external documents/links that do not come from trusted sources or contact.