There is no shortage of reports about the avalanche of cyber scams and attacks now descending on us all. We have seen malicious maps, ransomware apps, countless phishing sites and scams, and hundreds of millions of emails. The latest twist in this sorry take still takes some beating. Hackers are now offering “COVID-19 discount codes” to encourage armies of newbies to buy their exploits and take up the trade.
Discovered by the diligent researchers at Check Point, there are now “coronavirus special offers by different hackers promoting their ‘goods.’ The malicious malware or exploit tools are being sold over the dark net under special offers with ‘COVID19’ or ‘coronavirus’ as discount codes, targeting wannabe cyber-attackers.”
No, you didn’t read that wrong. Hackers offer discount codes as well.
This “spreading of malicious ‘goods’ to hungry cyber attackers,” Check Point warns, “means that malware is spreading faster through these offers and discounts. With a staggering rise in coronavirus related domains, the threat of cyber attacks is increasing during the coronavirus pandemic.”
The exploits that Check Point found include exploits to defeat WinDefender, bypasses for the security protecting email platforms and Google Chrome, even a 15% discount to hack Facebook—just include the “COVID19 code in your message.”
“I stopped being surprised about what happens in the cyber underground market years ago,” Check Point’s Yaniv Balmas tells me. “It’s just interesting to see that this market behaves exactly the same as any other, with discounts due to lack of interest or loss of connectivity from many of the ‘regular customers’.”
You need to take this seriously. there are a lot of people with time on their hands right now, and an entire community of exploit developers that are now selling into a distressed market. Employment and economic uncertainty—hacking is not a difficult venture for a young computer guy stuck at home with time on their hands.
The other factor here is that we’re all at home as well. We’re not set up to work from home in this way. We’re distracted, not surrounded by our usual IT infrastructure and protections, highly susceptible to a socially engineered email or message, unlikely to have any filters in place top check links, attachments or apps.
And, what’s much worse, is that the subject matter tagging all these attacks is also obviously COVID-19. From basic malware to nation state attacks, everything is being tagged with the virus now and our understandable obsession for news and information makes us incredibly vulnerable to such attacks.
Since the start of the year, Check Point says, “over 16,000 new coronavirus-related domains were registered.” And that’s accelerating. In the last fortnight, we are seeing ten times as many coronavirus domains registered as earlier in the year. That’s a sea of new noise and traffic in which to hide an attack.
Check Point believes that more than 2,000 of these new websites are either confirmed malicious or potentially suspicious. And the discussion forums behind the scenes have experienced hackers trading tools and a bunch of newbies just getting into the scene. It’s all a recipe for cyber disaster. As Thomas Brewster reports for Forbes, the U.S. is now warning of “unprecedented wave of coronavirus scams heading our way.” And this is on top of the thousands we’re already seeing.
And do not forget that there are literally no depths to which these attackers will not sink. One of the most recent reported scams comes from Sophos, which warns that attackers are now mocking up emails from the WHO’s new “COVID-19 Solidarity Response Fund,” giving a scary indication of how real-time this all is.
“Rarely is the whole world so focused on one thing,” Sophos says, “making this chance to develop scams a little too good to be true for cybercriminals. We have also seen common email-borne malware families like Fareit and Trickbot sending Centers for Disease Control and Prevention and WHO themed malicious emails.”
The cyber scams you now need to watch for come in addition to the profiteering in online sales of coronavirus-related supplies and the countless fake good being sold online. You really do need to be careful out there—and all this while you worry about your health and your wealth. And so don’t take any risks, don’t click, install or open anything you have any doubts about or can’t vouch for.
“As the old expression puts it,” Check Point says, “if it sounds too good to be true, it probably is.”