In light of the current COVID-19 outbreak, the general public would want to stay up to date with the latest developments. During the health emergency, there are cybercriminals that are taking advantage of the situation by spreading malware through “Coronavirus” applications.
A PC application ( Corona-virus-Map.com.exe ) disguised as a Coronavirus map has been found to be spreading malware. According to cybersecurity researcher, Shai Alfasi, the malware had weaponised the application to steal personal details such as usernames, passwords, credit card info and other information that is stored in users’ browsers.
The Malware responsible is identified as AZORult which was first spotted in 2016. When a machine is infected, it is used to steal browsing history, cookies, passwords, cryptocurrency keys and more. In addition, it is also capable of downloading additional malware on the infected machine. AZORult is reported to be commonly sold in Russian underground forums and there’s a variant which quietly creates an admin account which would provide perpetrators remote desktop access to the infected machine.
For unsuspecting victims, the app looks harmless as it appears to be identical to Johns Hopkins University’s Coronavirus map. When the 3.26MB file is executed, it will create duplicates of Corona-virus-Map.com.exe, Corona.exe, Bin.exe, Build.exe and Windows.Globalization.Fontgroups.exe files.
According to Alfasi, there are APIs that facilitate the decryption of saved passwords from infected web browsers and then it moves it to a temporary folder. The malware will also try to steal login data from online accounts which include Telegram and Steam. The stealing of data happens automatically and all it takes is for a user to execute the malware. The security expert recommends using anti-virus software to fix infected machines and to block potential malware attacks.
If you want to stay up-to-date with the latest COVID-19 situation, you can follow the Ministry of Health Malaysia on Twitter and Facebook. Do not attempt to download and run any strange files that you receive from unknown sources.
[ SOURCE ]
It's been awhile now since we did one of these lists---since November of last year…
Road Transport Department (JPJ) has revealed that the online insurance aggregator BJAK was not authorised…
You most probably know this company as the custodian of Nokia phones. However, HMD Global…
Samsung Malaysia has announced yet another new Galaxy Tab S6 Lite for 2024. This is…
If you're looking for a budget 5G smartphone, Xiaomi Malaysia has released the Redmi 13C…
Planning to travel to Japan soon? With the emergence of cross-border eWallet payments, we recently…
This website uses cookies.