With the outbreak of the pandemic Covid-19 quite normal that many users want to try to monitor, even if only to keep updated on the situation, how it is spreading around the world. Various academic and scientific realities have created monitoring tools and dashboards to graphically illustrate the diffusion step of the New Coronavirus.
So what better way to take advantage of the desire to stay informed about a serious global problem by trying to inoculate malware on users' computers? Sad to say, but the scoundrels don't know decency. Security researcher Shai Alfasi has found that some hackers are building websites that trick you into downloading an app to stay up to date on the situation and that, in parallel, steals sensitive information from the user's PC.
The application, whose name appears to be coronamap.exe, is not installed on the system and actually shows a real map (taken from the absolutely reliable site of Johns Hopkins University) of the spread of the pandemic. This app also represents the main attack point for installing malware on the system. In detail, the malware is based on AZORult, identified for the first time in 2016 and created with the purpose of stealing data from the victim's computer and also infecting it with other malware.
Alfasi explained that AZORult it can be used to steal the most disparate information: "It is used to fathom browser history, cookies, ID / password, cryptocurrencies and much more. It can download other malware onto the infected machine. It is a malware commonly sold in the undergrowth of the Russian web for the purpose of extracting sensitive information from an infected system. " Then there is a variant of AZORult that can install a hidden admin account in order to perform attacks remotely.
The advice is obviously to seek information on the Covid-19 pandemic only from trusted sources, such as the aforementioned Johns Hopkins University site, or the Civil Protection site and in any case to avoid downloading programs or apps to follow the evolution of events : everything you need online without having to download anything.
