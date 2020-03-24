Infosecurity Group Websites

Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more
Latest
News

Malicious "Corona Anti-Virus" Software Discovered

Researchers at Malwarebytes have unearthed a website advertising fake anti-virus software it claims can protect people from contracting the real human virus COVID-19.

In what comes across as a bizarrely comic case of miscommunication, the site (antivirus-covid19[.]site) offers users the chance to "Download our AI Corona Antivirus for the best possible protection against the Corona COVID-19 virus." 

The site's operators carefully chose an academic big hitter to endorse it. According to the website, the Corona Anti-virus was developed by "scientists from Harvard University" who "have been working on a special AI development to combat the virus using a Windows app."

To further authenticate their product's claims, the site's creators have included a meaningless graphic of three people standing around a circular raised platform while staring at some connecting balls suspended in mid-air. One of the figures points at a ball as though symbolically indicating the presence of a cure.   

The Corona Anti-virus claimed: "your PC actively protects you against the Coronaviruses (Cov) while the app is running."

It's hard to imagine this ill-conceived ruse netting any victims whatsoever, but those who are persuaded to install the fake Corona Anti-virus will inadvertently infect their computer with malware.

Researchers found that criminals are using the malicious fake anti-virus software to distribute a BlackNet remote administration tool. Users who try to download Corona Anti-virus [antivirus-covid19[.]site/update.exe] will turn their PC into a bot that is ready to receive commands from a threat actor. 

"The full source code for this toolkit was published on GitHub a month ago," said researchers. "Some of its features include deploying DDoS attacks, taking screenshots, stealing Firefox cookies, stealing saved passwords, implementing a key logger, executing scripts and stealing Bitcoin wallets."

Researchers reported the site to American web-infrastructure and website-security company CloudFlare.

"We informed CloudFlare, since the threat actors were abusing their service, and they took immediate action to flag this website as a phish," said researchers.

Related to This Story

What’s Hot on Infosecurity Magazine?

1
News

CEO Claims More Fake LinkedIn Users Are Claiming to be Employees

2
News

US Court Blocks Website Selling Fake #COVID19 Vaccine

3
News

Don't Fall for the WhatsApp Gold Scam

4
News

Microsoft: Targeted Attackers Are Exploiting Two Zero-Day Bugs

5
News

Leaked Plans Reveal Mirai-Like Russian IoT Botnet

6
News

SANS Offers Free Kit to Secure Home Workers

1
News

JEDI Contract to Have Only One Master

2
News

Hack Attempt on the WHO

3
News

Malicious "Corona Anti-Virus" Software Discovered

4
Interview

Interview: Len Shneyder, Co-Chair, Election Security Working Group, M3AAWG

5
Blog

Improving Cyber-Risk Management with ISO 27001 and the 10 Steps to Cybersecurity

6
News

Public ICS Intrusion Tools “Lower the Bar” for Hackers

1
Webinar

2FA or MFA: Which Authentication is Right for Your Business?

2
Webinar

The Impact of #COVID19 on the Infosec Industry

3
Webinar

Gain Control and Security of Your File Collaboration

4
Webinar

Zero Trust: A Cybersecurity Essential and the Key to Success

5
Webinar

AI in Security: Keeping Up with the Trend

6
Webinar

Using SIEM to Protect Against Top Cybersecurity Threats

1
Blog

Security by Sector: NHS Digital and Egress Partner to Strengthen Healthcare Email Processes

2
Interview

Interview: Paul Vixie, CEO, Farsight Security

3
Opinion

Working from Home Policies and the Future of Cybersecurity

4
Webinar

Automation in Data File Transfer: Improving Security and Saving You Time

5
Opinion

#HowTo Reduce Your Ransomware Attack Surface

6
Webinar

Gain Control and Security of Your File Collaboration