Cybercriminals create fake coronavirus monitoring apps to infect users with malware.
In addition to helping to keep track of developments around the world, according to a study by Reason Labs, they have now become a popular way to hack devices. Hackers began to actively use fake applications with an identical interface, but embedded additional scripts that replace temporary files on the victim’s device with infected ones. After the malware (AZORult) is activated, it starts browsing the user’s files through the function «Task Scheduler».
This allows an attacker not only to infect the device with many other viruses, but also to find out the user’s personal data, such as names, passwords, bank card numbers. ,as well as other confidential information that is stored in the browser. There is a variant of AZORult that creates a new hidden account on the PC to give the hacker remote access to the desktop.
As such services and applications become more popular amid the spread of the pandemic, analysts at Reason Labs predict an increase in the number of malware in this segment in the future..
Hackers Are Capitalizing on the Coronavirus
Following hackers, cybersecurity developers are also improving their methods of work. For example, last September Emsisoft released a free decoder to fight against WannaCryFake ransomware.
text: Ilya Bauer, photo: iStock