Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Crime Security

Live Coronavirus Map Used to Spread Malware (krebsonsecurity.com) 19

Malware distributors "have started disseminating real-time, accurate information about global infection rates tied to the Coronavirus/COVID-19 pandemic in a bid to infect computers with malicious software," reports security researcher Brian Krebs: In one scheme, an interactive dashboard of Coronavirus infections and deaths produced by Johns Hopkins University is being used in malicious Web sites (and possibly spam emails) to spread password-stealing malware. Late last month, a member of several Russian language cybercrime forums began selling a digital Coronavirus infection kit that uses the Hopkins interactive map as part of a Java-based malware deployment scheme.

The kit costs $200 if the buyer already has a Java code signing certificate, and $700 if the buyer wishes to just use the seller's certificate. "It loads [a] fully working online map of Corona Virus infected areas and other data," the seller explains. "Map is resizable, interactive, and has real time data from World Health Organization and other sources. Users will think that PreLoader is actually a map, so they will open it and will spread it to their friends and it goes viral...!" The sales thread claims the customer's payload can be bundled with the Java-based map into a filename that most Webmail providers allow in sent messages... The seller says the user/victim has to have Java installed for the map and exploit to work, but that it will work even on fully patched versions of Java...

It's unclear how many takers this seller has had, but earlier this week security experts began warning of new malicious Web sites being stood up that used interactive versions of the same map to distract visitors while the sites tried to foist the password-stealing AZORult malware.

This discussion has been archived. No new comments can be posted.

Live Coronavirus Map Used to Spread Malware

Comments Filter:
  • Old story, but it's also an ancient problem. And I still think the best way to root it out is go after the spamming scammers' wallets. If they didn't profit, then they would stop.

    Proof of Concept: What happened to the pump-and-dump stock scam spam? You don't see it anymore because they changed the rules to cut off the money. (But only after a couple of academics published papers showing how the scammers were effectively printing money.)

    There should be an email system with spammer-fighting tools, not just be

    • Actually I think pump-n-dump still happens, just not as widespread. Example: SCO vs IBM. It wasn't that long ago.

    • by lgw ( 121541 )

      Old story, but it's also an ancient problem. And I still think the best way to root it out is go after the spamming scammers' wallets. If they didn't profit, then they would stop.

      If you just shot them, the problem would stop faster. And I'm not joking either - robocallers are at the top of my list for a date with the firing squad.

  • The same map is used to spread dupes on Slashdot.

  • Definitely the worst malware for ChickenOS.

    Should have installed Brain/Human...

  • by lgw ( 121541 ) on Sunday March 15, 2020 @03:41PM (#59833166) Journal

    At least they're honest. "Click here to see the virus!" Yup.

  • Malware distributors "have started disseminating real-time, accurate information about global infection rates tied to the Coronavirus/COVID-19 pandemic in a bid to infect computers with malicious software

    That would be only computers running Microsoft Windows.

You know you've landed gear-up when it takes full power to taxi.

Working...