Live Coronavirus Map Used to Spread Malware (krebsonsecurity.com)
Malware distributors "have started disseminating real-time, accurate information about global infection rates tied to the Coronavirus/COVID-19 pandemic in a bid to infect computers with malicious software," reports security researcher Brian Krebs:
In one scheme, an interactive dashboard of Coronavirus infections and deaths produced by Johns Hopkins University is being used in malicious Web sites (and possibly spam emails) to spread password-stealing malware. Late last month, a member of several Russian language cybercrime forums began selling a digital Coronavirus infection kit that uses the Hopkins interactive map as part of a Java-based malware deployment scheme.
The kit costs $200 if the buyer already has a Java code signing certificate, and $700 if the buyer wishes to just use the seller's certificate. "It loads [a] fully working online map of Corona Virus infected areas and other data," the seller explains. "Map is resizable, interactive, and has real time data from World Health Organization and other sources. Users will think that PreLoader is actually a map, so they will open it and will spread it to their friends and it goes viral...!" The sales thread claims the customer's payload can be bundled with the Java-based map into a filename that most Webmail providers allow in sent messages... The seller says the user/victim has to have Java installed for the map and exploit to work, but that it will work even on fully patched versions of Java...
It's unclear how many takers this seller has had, but earlier this week security experts began warning of new malicious Web sites being stood up that used interactive versions of the same map to distract visitors while the sites tried to foist the password-stealing AZORult malware.
Re: (Score:2, Insightful)
Yes, China was slow to accept and react to the outbreak, but they were quick to respond and quarantine once they acknowledged it, and did so quite vigorously.
Much more so than the rest of the world, which is why the ROW, North America in particular, is probably going to have serious problems with this.
Re: (Score:3)
You're feeding an obvious troll. Racist, too, or also paid to fake that. Yeah, I know that my own comment was slightly tangential, focusing on how email was used to spread the scam, but this troll is just feeding the scam itself, trying to propagate the same kind of disinformation that the scam is using.
However, as regards your comment, even though it's following the track of the troll, I have to protest a bit. We really don't know how quickly the Chinese responded because any information coming out of Chin
Not only that (Score:1, Troll)
Their habit of using the natural world as their larder and killing and just about eating anything with DNA (and using what they don't eat as ingredients for their utterly useless woohoo medicine**) is what caused the species jump in the first place.
** It cures nothing more serious than upset stomachs and even the Chinese use western medicine such as antibiotics for serious illnesses. But hey, I'm sure the keratin in rhino horn has magic powers we're just too ignorant to understand. Whatever.
Re: (Score:2, Insightful)
The problem is sick fucks eating bats, and dragging live wild animals to the market to be slaughtered in front of the customer.
Re: (Score:1)
The entire nation is rotten from the core.
Re: (Score:2)
Right. As opposed to Donald Trump's responses.
But email is the primary vector of these scams (Score:2)
Old story, but it's also an ancient problem. And I still think the best way to root it out is go after the spamming scammers' wallets. If they didn't profit, then they would stop.
Proof of Concept: What happened to the pump-and-dump stock scam spam? You don't see it anymore because they changed the rules to cut off the money. (But only after a couple of academics published papers showing how the scammers were effectively printing money.)
There should be an email system with spammer-fighting tools, not just be
Re: (Score:1)
Actually I think pump-n-dump still happens, just not as widespread. Example: SCO vs IBM. It wasn't that long ago.
Re: (Score:3)
Old story, but it's also an ancient problem. And I still think the best way to root it out is go after the spamming scammers' wallets. If they didn't profit, then they would stop.
If you just shot them, the problem would stop faster. And I'm not joking either - robocallers are at the top of my list for a date with the firing squad.
Dupes (Score:2)
The same map is used to spread dupes on Slashdot.
You mean "Phobia:Chickenbrain/Corona.2019!insane"? (Score:2)
Definitely the worst malware for ChickenOS.
Should have installed Brain/Human...
At least they're honest (Score:5, Funny)
At least they're honest. "Click here to see the virus!" Yup.
Coronavirus used to spread Microsoft Malware (Score:2)
That would be only computers running Microsoft Windows.