Corona virus has now spread rapidly worldwide and recently declared by the World Health Organization as a global pandemic. Amidst the Global fear this virus has brought us, cybercriminals do not show signs of slowing down as they are continuously capitalizing on the said virus to spread different kinds of cyber-attacks.
There is a newly discovered attack which is the Corona-virus-Maps.exe application that is intended to target the individuals who are looking for cartographic presentation of data about the spread of NCOV-19. This executable file is a small Win32 EXE file with a payload size of only around 3.26 MB.
The Corona-virus-Maps.exe has a legitimate look on its Graphical User Interface as they have copied the interface and data of the legitimate source from Johns Hopkins University Coronavirus Research Center. It shows the “Map of Infection” that provides the total confirmed cases of NCOV19 by country and total number of deaths and recovered patients.
The newly discovered malware uses an information-stealing software AZORult a not-so-newly discovered malware as it has been around since 2016. This malware can capture the login credentials from the infected Web browser and sends it to C:\Windows\Temp folder.
The captured credentials may be used by the cybercriminals to access your credentials where emails or banking information. These information may also be sold on the Dark web.
Pandemic level of dispersion for NCov-19 urges a paramount caution not only offline (actual contact with others) but also online. Cyber attackers are not giving any signs of getting stopped, will continue to create different kinds of cybercrime, and exploit the immense dispersion of NCov-19, which is not surprising if a massive amount of people will fall prey.
How can you protect yourself from this malware?
- Make sure to install Antivirus software on your computer for early detection of the said malware.
- Refrain from performing downloads on any file from unreliable sources.
While knowing how to protect ourselves is advantageous. There are many other ways to proactively search for our own data and unwanted digital footprint across both the internet and the dark web. Actively monitoring our data, whether it be on a personal or business perspective, is essential for us to fathom on how unwanted information will affect us. iZOOlogic performs such search, monitoring, and analysis to ensure that these data, such as leaked credentials found caused by blackhat activities, are adequately relayed to the concerned affected parties.
