Coronavirus: Hackers using virus-tracking maps to sneak dangerous malware on your computer

Cybercriminals have found yet another way to capitalise on people's fears surrounding the coronavirus and have now started using maps to infect computers

As the new coronavirus or COVID-19 continues to spread rampantly across the world, becoming a global pandemic, as declared by the WHO (World Health Organization), everyone wants to keep track of how fast the deadly virus is spreading.

Therefore, several organizations have made coronavirus-tracking maps and dashboards available to the general public like this GISAID website. However, hackers and cybercriminals have now found a way to use these dashboards to spread malware onto computers.

Fake coronavirus maps

Coronavirus status as of 11 March, 2020
Coronavirus status as of 11 March, 2020 GISAID

Shai Alfasi, a security researcher at Reason Labs, found that hackers are using these maps to steal sensitive information from users including user names, passwords, credit card details, and other info stored in your browser.

First, the hackers design fake websites about the coronavirus and then prompt you to download an application to keep you updated on the global pandemic. This application doesn't need any installation and although it shows you a map of how COVID-19 is spreading, it's actually a disguise used by cybercriminals to infect your computer with a malicious binary file.

These websites appear as genuine maps for tracking coronavirus but have a different URL or different details from the original source. The malware has so far only affected Windows-based computers but Alfasi believes hackers are likely to come up with new versions that will affect other operating systems as well.

AZORult - A known enemy

Alfasi pointed out that the hackers used malicious software known as AZORult, which was first discovered in 2016. The dangerous software is designed not only to steal data from one's computer but also infect the machine with other malware as well.

"It is used to steal browsing history, cookies, ID/passwords, cryptocurrency and more," the researcher noted. "It can also download additional malware onto infected machines. AZORult is commonly sold on Russian underground forums for the purpose of collecting sensitive data from an infected computer."

Earlier this month, security researchers from Check Point revealed that more than 50 percent of domains related to coronavirus have been designed to install malware on your system.

How to protect yourself from being infected?

While we understand that it's important to stay updated regarding the coronavirus situation, make sure you only use credible and verified maps and dashboard in order to avoid getting hacked. Also, it is advised not to download any files from any coronavirus-tracking websites as a precaution as the files could be laced with malware.

Related topics : Coronavirus