As reported by Cyber Experts, it has been observed that the hackers have resorted to trapping social media users and even through email campaigns, victims into hacking accounts and also steal information of victims. The Corona Virus infection across the globe has driven NGOs and Agencies including Educational institutions, to issue advisories and also circulate social media graphic messages and also maps showing the spread of infection, etc.
Cyber Attackers, finding the pastures green, have designed websites to show update of coronavirus infection in order to prompt the viewer to download an application to keep them updated on the situation. This application doesn’t need any installation, and shows you a map of how COVID-19 is spreading. Further, the attacker uses this front-end to generate a malicious binary file and install it on the victims computer.
Just to be clear, these websites pose as genuine maps for tracking coronavirus, but have a different URL or different details from the original source.
This is not a targeted attack, but a more generic proliferation and the attacker further plans the targeted attack once the victim is in his web.
The attacker then manages through conventional means to install the desired software and then the software is made to steal data from the computer and infect it with other malware as well.
There are also reports that Iranian Coronavirus App is Collecting Sensitive Information from those who subscribe and install the Apps that are being circulated officially by the Government. Iranian Ministry of Health via SMS are sending apps to Iranian users, and encouraging them to install apps, and also to carry out a test provided in the app, in order to determine if they had symptoms of coronavirus. This then is used to collect personal information from the users. Google has already taken action and removed the app from its Play Store, because it violates their terms and conditions. However the message is being forwarded across the globe and has also been traced in India.