Hackers use Coronavirus to spread computer virus
Cyber criminals play on face mask fears to get people to click on dangerous email attachments
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Hackers are leveraging the fears surrounding Coronavirus in order to carry out cyber attacks on a massive scale, security researchers have warned.
Malware and email viruses that use Coronavirus-themed lures to trick people have spread to over a dozen countries, according to security firm Proofpoint.
The company also observed that attackers are beginning to register URLs and create fake websites relating to Coronavirus in order to carry out malicious activity.
"Global events often capture the world's attention with a combination of wide recognition and a sense of urgency," Proofpoint's threat intelligence team wrote in a blog post. "But they are also unfortunately likely candidates for threat actor campaigns."
The emails being circulated come with a document attached that appears to contain an urgent message relating to new developments with the virus's spread.
One message in Japan spread by the hacking group TA542 claims that new cases have been reported, urging the reader to open the attachment to read an important message relating to face masks and other prevention methods.
Opening the attachment launches an extremely malicious form of malware known as Emotet, which is capable of stealing valuable personal information like login details for banks. The infected device can also then be used to launch further attacks.
Emotet was previously used in campaigns relating to climate activist Greta Thunberg, as well as in seasonal emails promising details about a "Christmas party" or "Halloween party".
"Threat actors exploit times of confusion or global events to conduct cyber attacks and email phishing campaigns," said Francis Gaffney, director of threat intelligence at Mimecast.
"These actors are opportunistic and inventive - identifying vulnerabilities in infrastructure and defences, which they then use to improve their attack methodologies."
Mr Gaffney warned that periods of global disruption and confusion have become a major opportunity for cyber criminals, who play on the public's genuine fears to increase the likelihood of targets clicking on dangerous links or attachments.
Proofpoint described TA542 as a "formidable threat actor group" that would continue evolving its attacks and urged users to be particularly cautious about unsolicited emails relating to current events.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments