Researchers have discovered tens of thousands of malicious websites taking advantage of the ongoing coronavirus pandemic, according to ZDNet, which today reported that thousands of similar websites are being created every day.
The report said that cybersecurity software vendor RiskIQ began tracking COVID-19-related domains on March 15 and found 13,500 suspicious domains. On March 16, it found more than 35,000 more domains, and on March 17 it discovered over 17,000. More were probably created today.
“RiskIQ analyzed its spam box feed for the time period of 03/13/2020-03/16/2020. During this four-day period, RiskIQ analyzed 437,887 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 54,847 unique subject lines observed during the reporting period. The spam emails originated from 32,535 unique sending email addresses and 44,165 unique SMTP IP Addresses. Analysts identified 536 emails, which sent an executable file for Windows machines.”
Law enforcement agencies have started to warn people about these efforts as well. The UK National Cyber Security Centre revealed COVID-19-related phishing attacks on March 16, and on March 17, the FBI warned Americans about malicious websites.
“Be wary of malicious websites and apps pretending to track #COVID19 cases worldwide. Criminals are using malicious websites and apps to infect and lock devices until payment is received. Report scams and attempted scams at http://ic3.gov,” an FBI tweet yesterday.
This problem isn’t going to go away any time soon. Spammers almost immediately started to take advantage of the viral outbreak–we heard about the first campaign based on COVID-19 in January–and other malware distributors quickly followed suit.