Coronavirus-themed domains 50% more likely to be malicious
New Delhi, March 8 (IANS) Cyber-criminals are spreading malicious activities through several spam campaigns pertaining to the outbreak of the novel coronavirus and virus-themed domains are emerging as 50 per cent more malicious, says a new report by cybersecurity firm Check Point Research.
According to Check Point Research’s “Global Threat Index” for January 2020, cyber-criminals are exploiting the interest in the global epidemic to spread malicious activities with several spam campaigns relating to the outbreak of the virus.
As the virus spreads across the globe, people are searching online for the latest information and updates on how it might affect them and what they can do to protect themselves and their families, and cyber-criminals are quick to take advantage of these concerns for their own gain.
“Since January 2020, over 4,000 coronavirus-related domains have been registered globally. Out of these websites, 3 per cent were found to be malicious and an additional 5 per cent suspicious. Coronavirus-related domains are 50 per cent more likely to be malicious than other domains registered during the same period, and also higher than recent seasonal themes such as Valentine’s Day,” the cybersecurity firm said in a statement.
Many of these domains will probably be used for phishing attempts.
As of now, Check Point Research has already spotted and protects online users from many websites known to be related to malicious activities that lure the victims to their websites with discussions around the virus, as well as from scam websites that claim to sell face masks, vaccines and home tests that can detect the virus.
In addition, a widespread targeted coronavirus themed phishing campaign was recently spotted targeting Italian organisations, hitting over 10 per cent of all organisations in Italy with the aim of exploiting concerns over the growing cluster of infections in the country.
While clicking on “enable editing” and “enable content” on emails infected with such malicious files, users would be led to the download of “Ostap Trojan-Downloader”, which is known to be a Trickbot downloader.
Trickbot is a dominant banking Trojan constantly being updated with new capabilities, features and distribution vectors.
This enables Trickbot to be a flexible and customisable malware that can be distributed as part of multi purpose campaigns.