Cyber-criminals are exploiting people’s fears of COVID-19 – we analyze the threats
April 2020 by Kevin McNamee, Nokia
As the COVID-19 outbreak continues to impact the world, people are understandably afraid for the health of themselves and their families.
Unfortunately, the ‘real’ virus is not the only thing spreading. Cyber criminals are exploiting peoples’ fears and using their need for up-to-date information to infect their devices with malware.
Nokia’s Threat Intelligence Lab has analyzed the current crop of the most common malware and identified two main types - malware directly related to the Corona virus outbreak and established malware delivered through Corona-related phishing campaigns.
Examples of the threats include:
“Corona Virus” Trojan – targeting Windows, this Trojan mimics a real map of the global locations of COVID-19 infections to trick users into downloading the malware which then steals user credentials and other personal data
CovidLock Android Ransomware – an Android app that pretends to give users a way to find nearby COVID-19 patients and track the virus’s spread across the world. Installing the app locks the device and asks the user to pay $250 in ransom in bitcoins
Android.Corona Safety Mask SMS Scam – pretending to be an app that help users find safety masks, this info-stealer obtains contacts and SMS messages then sends fraudulent messages to the victim’s contacts.
The Lab assesses new threats as soon as they appear, ensuring a timely response and accurate detection of these threats. This helps Communications Service Providers (CSPs) to stay abreast of the latest developments and guide their frontline staff on the advice they need to be giving to their customers.
It also contains a timely summary of how end-users can keep their devices secure. Measures include visiting only reputable sites, using anti-virus software and keeping devices up to date with patches.
With the threat of the ‘real’ virus, the last thing people need is malware infecting their devices at this worrying time – Nokia is here to support both CSPs and end users.