A new report released by Nokia in October provides yet another wrinkle to the Covid-19 story that should come as no surprise: cybercriminals are exploiting fears about the disease to create new attack vectors.
Nokia’s 2020 Threat Intelligence Report, released in October, identifies a host of new Coronavirus-related malware that cybercriminals have created specifically for the virus. While some of these applications appear to have been created in a hurry in order to take advantage of the situation, they have nonetheless proven effective.
A few cases in point:
- “CoViper,” which appears to be a file containing information related to Covid-19 spread but actually infects a computer’s boot-up operation and steals passwords from an infected host.
- “Coronavirus Maps” Trojan, which looks like the Johns Hopkins University coronavirus map but actually plants malware on victims’ computers when clicked on.
- “CovidLock,” which claims to track nearby Covid-19 patients and encourages victims to install an application, but is actually ransomware that locks up their Android smartphones.
Cybercriminals are wheeling out some ‘old favourites’
In addition to newly created malware, the pandemic is also creating new uses for older malware that play on victims’ pandemic fears. For example, one Trojan application contains a PDF offering coronavirus safety measures that actually includes malware-enabling executable code.
Another variant of the well-established HawkEye malware is being distributed in mails spoofing the World Health Organization, appearing to be sent by the WHO’s Director General. One program masquerades as an application to help users get safety masks but, after obtaining permission for contacts and SMS messages, sends fraudulent messages to victims’ contacts in order to spread itself.
In order to combat these threats, Nokia offers a number of recommendations:
- Visit only reputable sites that are known to be reliable sources of information on these types of pandemics.
- Install only applications that are from trusted app stores (Google Play, Apple, Microsoft).
- Use an up-to-date anti-virus program on the mobile device.
- Keep applications and operating systems running at the current released patch level.
- Don’t open email attachments if the sender is not known and the email is unexpected.
- Don’t grant additional execution privileges if there is no clear reason and need to do so.
In short, the advice during a pandemic is exactly the same as ever: Use common sense.