Login

Register

Login

Register

#cybersecurity | hacker | Malicious coronavirus map hides AZORult info-stealing malware


Cyberattackers continue to seize on the dire need for information surrounding the novel coronavirus. In one of the latest examples, adversaries have created a weaponized coronavirus map app that infects victims with a variant of the information-stealing AZORult malware.

The malicious online map, found at www.Corona-Virus-Map[.]com, appears very polished and convincing, showing an image of the world that depicts viral outbreaks with red dots of various sizes, depending on the number of infections. The map appears to offer a tally of confirmed cases, total deaths and total recoveries, by country, and cites Johns Hopkins University’s Center for Systems Science and Engineering as its supposed data source.

Malwarebytes issued a warning about the map last week, and Reason Cybersecurity this week has followed up with its own blog post, reporting additional details on the scam, gathered by Reason Labs researcher Shai Alfasi.

The malware, found within a file called corona.exe, carries typical AZORult functionality, with the ability to steal credentials, payment card numbers, cookies and sensitive browser-based data and exfiltrate that information to a command-and-control server.

According to Alfasi, the malware specifically seeks out cryptocurrency wallets (including those for Electrum and Ethereum), the Telegram desktop app and Steam accounts. It can also take unauthorized screenshots, resolved and save a victim’s public IP address, and gather information on infect machines, including the OS system, architecture, hostname and username.

“The malware uses a few layers of packing as well as a multi-sub-process technique to make research more difficult,” the blog post notes. “As the coronavirus continues to spread and more apps and technologies are developed to monitor it, we will likely be seeing an increase in corona malware and corona malware variants well into the foreseeable future,” the repot concludes.



Original Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW