Hackers continue to elevate their malware-spreading practices amid the coronavirus scare, as they are now tricking victims using one of the most reliable online tools for information about the pandemic.
An online dashboard created by Johns Hopkins University’s Center for Systems Science and Engineering brings together data from several official bodies, including the WHO and the Centers for Disease Control and Protection. The dashboard maps the locations of confirmed and suspected cases, deaths, and recoveries linked to the coronavirus, officially named COVID-19.
However, cybersecurity blogger Brian Krebs revealed that even such an important thing may be twisted to serve the needs of hackers. Krebs wrote in a blog post that Johns Hopkins’ coronavirus dashboard is being used in malicious websites and possibly also in spam e-mails to spread malware.
Krebs flagged a “digital coronavirus infection kit” that was being sold online to for up to $700. It bundles a supposed version of the Johns Hopkins map with the hackers’ preferred payload, such as password-stealing malware.
Jill Rosen, a spokeswoman for Johns Hopkins, said that the university knows about the malware that is impersonating its coronavirus dashboard. She issued a warning that people should only trust the map found on the Johns Hopkins website and the one maintained by ArcGIS. These maps do not require any downloads, while the malware taking advantage of the online tools require potential victims to do so, according to Rosen.
“If you receive an email containing a link to download such an item or come across the code for the malicious app, please report it immediately to the Esri incident response team through ArcGIS Trust Center security concern page,” said Rosen.
Despicable acts
Hackers have been trying to take advantage of the fear over the coronavirus outbreak since earlier in the year, including through spam emails with Microsoft Word attachments. The documents supposedly contain more information about the coronavirus, but upon opening them, they will launch commands that will download malware into the victim’s computer.
While the coronavirus pandemic is still a threat, it appears that people should not only be worried about protecting their health but also their computers from the various despicable ways that hackers may think of to take advantage of the situation.