Cybercriminals are using fear of the coronavirus outbreak across the globe to spread malware through emails that claim to offer preventive measures against the real-world virus. The emails come with an attachment that contains malware and promises to provide details on preventative measures against the coronavirus.
The campaign was first detected by IBM X-Force threat intelligence in Japan. It targets victims in the most affected areas, including Gifu, Osaka, and Tottori. The emails are mostly written in Japanese.
The email attachment is a Microsoft Word document and contains malicious payloads linked to the Emotet malware family. When the victim clicks on the link, the cybercriminals get access to their credentials, browser history, and sensitive information or files.
Cybercriminals associated with the Emotet group of malware are using stolen emails to send messages to the public claiming to be from Japanese health organizations. Those emails contain an attachment offering information about how to avoid 2019-nCoV.
You may find various tips on how to avoid the coronavirus, such as washing hands, staying home and not interacting with an affected person. You can apply similar tips here by not clicking such links and not opening such emails. Don’t interact with any unknown person.
The cybersecurity experts at Kaspersky have also discovered malicious files related to the coronavirus. The malicious files are disguised as PDF, MP4 and Docx files and claim to contain a video that provides tips on how to protect yourself from the coronavirus, updates related to the virus and symptoms of the virus.
The victims do not know that the files carry a range of threats, including Trojans and worms, which destroy, block, modify and copy sensitive data and interfere with the computer network once opened.
The U.S. government's cybersecurity and infrastructure agency has also issued an alert warning of the targeted Emotet malware attacks. The criminals behind them are the Emotet group, and they spread malware in a system once the victim clicks on it. Their motive is credential harvesting in addition to distributing malware. The payload also logs the browser history and search history, which are then transferred to the cybercriminals’ server.
The cybercriminals are playing on the public's genuine fear to spread malware by offering tips about the recently growing virus. Google, Twitter, Facebook, TikTok, and other sites have also improved their security by enabling SOS alerts and expanding knowthefact, which was created to help people find credible information.