As COVID-19 continues to surge, hackers are exploiting thousands of users. They are taking advantage of the disease with malicious cyberattacks.
According to Check Point, a cybersecurity firm, more than 192,000 cyberattacks related to coronavirus have been reported in just one week. The firm adds that this number continues to increase weekly.
A close analysis of the reports reveals that these cyberattacks are using some of the most common exploits. Among which include downloadable malwares, phishing emails, and malicious contents. These exploits are usually paired with coronavirus-related news or facts that make people curious enough to access them.
The trap
Cybersecurity experts agree that these types of attacks are fairly simple and uncomplicated to execute. Hackers simply package their payload into a coronavirus-related email or website and send it to their target. One the target opens the package, they unknowingly spring the trap.
In less than a month, Check Point discover 192,000 cyberattacks that take advantage of the coronavirus pandemic. Most of these exploits use popular search terms such as “coronavirus” or “covid” in their domain name. This instantly catches the target’s attention and they will eventually spring the trap.
April 2020’s ‘most wanted malware’ is the #AgentTesla remote access #trojan and it is spreading widely in #COVID19-related spam campaigns. Read the report. https://t.co/snx3JdFePU pic.twitter.com/b1XB1UGNll
— Karin Zima Reineke (@karinz) May 11, 2020
One of the most common forms of exploit is email phishing. Hackers impersonate authorities, in this case, the World Health Organization, and send malicious emails to targets. Inside this email is a link that redirects the target to a spoof website.
Most of the time, these emails contain subjects that convey urgency. Once the target opens the attachment, their device will be infected by the AgentTesla malware.
Video conference calls are also targets
Due to the coronavirus pandemic, people are flocking into video conferencing services to continue their work. This presents a new avenue of attack for hackers.
Check Point reports that in the last three weeks, at least 2,500 malicious Zoom domains were registered. Zoom is one of the most popular video conferencing platforms.
On the other hand, Zoom is not the only platform that hackers are targeting. Services like Google Meet, Skype, and Microsoft Teams are also targets of these exploits.
This exploit involves a hacker registering a malicious domain that is vaguely similar to that of Zoom or Google Meet. The unknowing target then downloads the malware lurking on these sites.
Security experts warn that cyberattacks evolve with the current global situation. As such, vigilance is always the key. On top of that, anti-virus software and firewalls are also a great option for defense.
Image courtesy of Alexander Geiger/Shutterstock