In light of the current COVID-19 outbreak, the general public would want to stay up to date with the latest developments. During the health emergency, there are cybercriminals that are taking advantage of the situation by spreading malware through “Coronavirus” applications.
A PC application ( Corona-virus-Map.com.exe ) disguised as a Coronavirus map has been found to be spreading malware. According to cybersecurity researcher, Shai Alfasi, the malware had weaponised the application to steal personal details such as usernames, passwords, credit card info and other information that is stored in users’ browsers.
The Malware responsible is identified as AZORult which was first spotted in 2016. When a machine is infected, it is used to steal browsing history, cookies, passwords, cryptocurrency keys and more. In addition, it is also capable of downloading additional malware on the infected machine. AZORult is reported to be commonly sold in Russian underground forums and there’s a variant which quietly creates an admin account which would provide perpetrators remote desktop access to the infected machine.
For unsuspecting victims, the app looks harmless as it appears to be identical to Johns Hopkins University’s Coronavirus map. When the 3.26MB file is executed, it will create duplicates of Corona-virus-Map.com.exe, Corona.exe, Bin.exe, Build.exe and Windows.Globalization.Fontgroups.exe files.
According to Alfasi, there are APIs that facilitate the decryption of saved passwords from infected web browsers and then it moves it to a temporary folder. The malware will also try to steal login data from online accounts which include Telegram and Steam. The stealing of data happens automatically and all it takes is for a user to execute the malware. The security expert recommends using anti-virus software to fix infected machines and to block potential malware attacks.
If you want to stay up-to-date with the latest COVID-19 situation, you can follow the Ministry of Health Malaysia on Twitter and Facebook. Do not attempt to download and run any strange files that you receive from unknown sources.
[ SOURCE ]
Inokom Corporation Sdn Bhd (Inokom) has grown into one of Malaysia's established automotive contract assemblers…
Astro has announced several new streaming bundles that combine popular streaming services such as Disney+,…
Lenovo Malaysia has announced the new Tab Plus Gen 2 tablet, which offers a large…
As smartphone makers continue to push more on-device AI features, there's a crucial need to…
Almost 2 years after it was launched in Malaysia, the Zeekr X has received a…
Xiaomi has set another Nürburgring record for its EV, but this time without a human…
This website uses cookies.