In an effort to make malware appear legitimate and help it sneak past security software, groups using two well-known trojans are inserting news text from Coronavirus stories into their file descriptions.

Padding malware with fake news is not new but Bleeping Computer has found Trickbot and Emotet now being used in conjunction with stories associated with the pandemic. The attackers embed the news snippets in the malware’s description file, said Lawrence Abrams, Bleeping Computer’s CEO.

This tactic has
been used in the past with news centered on President Trump’s impeachment trial
being used as late as January 2020 for the same purpose.

The switchover
to COVID-19 content took place about a month ago.

The overall
efficiency of this tactic is not known, but researchers believe it could fool security
software variants dependent upon artificial intelligence and machine learning