As coronavirus threatens to become a global pandemic, everyone’s keeping a close eye on how it’s spreading across the world. Several organizations have made dashboards to keep track of COVID-19. But now, hackers have found a way to use these dashboards to inject malware into computers.
Shai Alfasi, a security researcher at Reason Labs, found that hackers are using these maps to steal users' information, including user names, passwords, credit card numbers, and other info stored in your browser.
Attackers design websites related to coronavirus that prompt you to download an application, supposedly to keep you updated on the situation. This application doesn’t need any installation, and shows you a map of how COVID-19 is spreading. However, it is a front for attackers to generate a malicious binary file and install it on your computer.
Currently, the malware only affects Windows machines. But Alfasi expects attackers to work on a new version that might affect other systems too.
Alfasi noted that this method used malicious software known as AZORult, which was first found in 2016. The software is made to steal data from your computer and infect it with other malware as well.
The researcher noted that AZORult can steal info from your computer including passwords and cryptocurrencies:
It is used to steal browsing history, cookies, ID/passwords, cryptocurrency and more. It can also download additional malware onto infected machines. AZORult is commonly sold on Russian underground forums for the purpose of collecting sensitive data from an infected computer.
A new variant of AZORult installs a secret admin account on your computer to perform remote attacks.
Earlier this month, research from security firm Check Point noted that more than 50 percent of domains related to coronavirus are designed to install malware in your system.
While it’s important to stay informed about coronavirus, you should only use verified dashboards to keep tabs on it to avoid getting hacked.