Wuhan coronavirus exploited to deliver malware, phishing, hoaxes

The Wuhan coronavirus continues to spread and create anxiety across the globe, allowing malicious individuals and groups to exploit the situation to spread fake news, malware and phishing emails.

coronavirus phishing

Malicious coronavirus-themed campaings

IBM X-Force says that Japanese users have been receiving fake notifications about the coronavirus spreading in several prefectures, purportedly sent by a disability welfare service provider and a public health center.

The emails contains legitimate information taken from those services’ official websites and carries an attached .doc file that ostensibly contains more information.

“The content of the document itself is just an Office 365 message, instructing the viewer to enable the content (which is malicious), in case the document has been opened in protected view,” the researchers explained. The delivered malware is the Emotet downloader.

“We expect to see more malicious email traffic based on the coronavirus in the future, as the infection spreads. This will probably include other languages too, depending on the impact the coronavirus outbreak has on the native speakers. In these first samples, Japanese victims were probably targeted due to their proximity to China. Unfortunately, it is quite common for threat actors to exploit basic human emotions such as fear – especially if a global event has already caused terror and panic,” IBM X-Force researchers added.

Mimecast researchers spotted similar emails targeting English-speaking users, purportedly sent by a virologist from Singapore, carrying a malicious .pdf attachment.

KnowBe4 specialists warn about phishing emails that look like they’ve been sent by the US Centers for Disease Control and Prevention (CDC), linking to a web page that supposedly contains updated lists of new coronavirus infection cases in the US:

coronavirus phishing

Be careful, be aware

Cyber crooks and other malicious individuals are expected to continue to impersonate official notifications by legitimate institutions to spread malware or hoaxes (and panic).

Cybercriminals are known for using high-profile, global news stories to target users and trick them into doing something they otherwise wouldn’t do, but situations like this latest coronavirus outbreak are a gift that keeps on giving since each day comes with a new update and everybody is expecting official alerts.

KnowBe4’s CEO noted that users should be careful when it comes to anything related to the coronavirus – emails, attachments, social media posts, text messages.

Don't miss