COVID-19 being used to infect PCs
12th Mar 2020 In Security By Jack Francis

Cyber criminals using fear to prey on internet users

Cyber criminals will stop at nothing to exploit internet users, even taking advantage of the widespread COVID-19 panic.

In a recent threat analysis report, cybersecurity researchers detailed a new attack that takes advantage of people's desire for information on the coronavirus that is wreaking havoc worldwide. The malware targets those looking for a cartographic representation of the COVID-19 spread. If a user downloads and runs the application, it appears simply to bring up a map loaded from a legitimate source, but in the background it is compromising the computer.

New threat, old virus

This latest threat was first spotted by MalwareHunterTeam last week and has now been analyzed at Reason Labs. It involves malware identified as AZORult, malicious information-stealing software first discovered in 2016. The software mainly collects information from web browsers, which can give access to credit cards, login details and various other sensitive information.

AZORult is reportedly discussed in Russian underground forums as a tool for gathering sensitive data from computers and can even generate a hidden administrator account in infected computers to enable connections via the remote desktop protocol.

Signs of infection

Executing the software will result in the creation of duplicate files and multiple corona.exe, bin.exe and window.globalization.fontgroups.exe files. Additionally, the malware will modify registry entries under ZoneMap and LanguageList. Several mutexes are also created.

Execution of the malware will activate the created files as they attempt to connect to several URLs. These processes and URLs are only a sample of what the attack entails. There are many other files generated and processes initiated to create various network communication activities as it tries to gather as much information as possible.
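As an added example (not part of the original article or of the Reason Labs report), the Python sketch below triages exported endpoint events using the file names above and the hidden administrator account behaviour described earlier. The event schema, host names, account names and 24-hour window are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta
from ntpath import basename  # parses Windows paths on any OS

# File names listed in the article, matched case-insensitively.
INDICATOR_NAMES = {"corona.exe", "bin.exe", "window.globalization.fontgroups.exe"}
WINDOW = timedelta(hours=24)  # assumed correlation window

# Constructed sample events in a simplified, hypothetical schema.
# id 1 = Sysmon process creation; id 4732 = Windows Security event
# "member added to a security-enabled local group".
SAMPLE_EVENTS = [
    {"time": "2020-03-10T09:00:00", "host": "PC-01", "id": 1,
     "image": r"C:\Users\amy\Downloads\Corona.exe"},
    {"time": "2020-03-10T09:02:10", "host": "PC-01", "id": 1,
     "image": r"C:\Users\amy\AppData\Local\Temp\bin.exe"},
    {"time": "2020-03-10T09:05:30", "host": "PC-01", "id": 4732,
     "group": "Administrators", "member": "svc_help"},
    {"time": "2020-03-10T10:00:00", "host": "PC-02", "id": 4732,
     "group": "Administrators", "member": "newadmin"},
    {"time": "2020-03-11T08:00:00", "host": "PC-03", "id": 1,
     "image": r"C:\Program Files\Tool\bin.exe"},
]

def triage(events):
    """Return {host: {"severity", "files", "admins"}} for hosts with a name hit."""
    report, first_hit = {}, {}
    for ev in sorted(events, key=lambda e: e["time"]):
        when = datetime.fromisoformat(ev["time"])
        host = ev["host"]
        if ev["id"] == 1:
            name = basename(ev["image"]).lower()
            if name in INDICATOR_NAMES:
                first_hit.setdefault(host, when)
                entry = report.setdefault(
                    host, {"severity": "review", "files": [], "admins": []})
                entry["files"].append(name)
        elif ev["id"] == 4732 and ev["group"].lower() == "administrators":
            hit = first_hit.get(host)
            # A new local admin shortly after an indicator ran is the strong signal.
            if hit is not None and when - hit <= WINDOW:
                report[host]["severity"] = "high"
                report[host]["admins"].append(ev["member"])
    return report

if __name__ == "__main__":
    for host, finding in triage(SAMPLE_EVENTS).items():
        print(host, finding)
```

A file name match alone stays at "review" because a name such as bin.exe is generic; only the combination with a new Administrators member is raised to "high".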

Cure and prevention

As the coronavirus continues to grow you shouldn't have to worry about digital viruses, so why not leave it to the experts? We can make recommendations on what systems to use to improve your cybersecurity and what you should avoid to stay safe online, so call us today at 01642 248 750 or message us at social@adnsgroup.com for more information on how we can keep you safe online.