In light of the current COVID-19 outbreak, the general public would want to stay up to date with the latest developments. During the health emergency, there are cybercriminals that are taking advantage of the situation by spreading malware through “Coronavirus” applications.
A PC application ( Corona-virus-Map.com.exe ) disguised as a Coronavirus map has been found to be spreading malware. According to cybersecurity researcher, Shai Alfasi, the malware had weaponised the application to steal personal details such as usernames, passwords, credit card info and other information that is stored in users’ browsers.
The Malware responsible is identified as AZORult which was first spotted in 2016. When a machine is infected, it is used to steal browsing history, cookies, passwords, cryptocurrency keys and more. In addition, it is also capable of downloading additional malware on the infected machine. AZORult is reported to be commonly sold in Russian underground forums and there’s a variant which quietly creates an admin account which would provide perpetrators remote desktop access to the infected machine.
For unsuspecting victims, the app looks harmless as it appears to be identical to Johns Hopkins University’s Coronavirus map. When the 3.26MB file is executed, it will create duplicates of Corona-virus-Map.com.exe, Corona.exe, Bin.exe, Build.exe and Windows.Globalization.Fontgroups.exe files.
According to Alfasi, there are APIs that facilitate the decryption of saved passwords from infected web browsers and then it moves it to a temporary folder. The malware will also try to steal login data from online accounts which include Telegram and Steam. The stealing of data happens automatically and all it takes is for a user to execute the malware. The security expert recommends using anti-virus software to fix infected machines and to block potential malware attacks.
If you want to stay up-to-date with the latest COVID-19 situation, you can follow the Ministry of Health Malaysia on Twitter and Facebook. Do not attempt to download and run any strange files that you receive from unknown sources.
[ SOURCE ]
The Huawei Mate candybar smartphone series is back with the launch of the Mate 80…
TNB Electron has turned on their first EV charging location in Negeri Sembilan. They have…
Proton has officially taken the drapes off the 2026 Proton X90. The newly refreshed D-segment…
Google has announced new verification requirements for advertisers promoting financial products and services to users…
Malaysia’s electric vehicle (EV) market continued to grow in February 2026 even as overall vehicle…
The order books for MGS5 EV CKD are now open after MG Motor Malaysia officially…
This website uses cookies.