#Privacy: Malicious websites used coronavirus to lure in victims

A new study published by Check Point Research suggests that malicious online actors are using the coronavirus to boost their own hacking campaigns, reports reveal.

According to the publication, the hackers are infecting coronavirus-related domain names and selling cut-price off-the-peg malware on the dark net.

Check Point Research said:

“Special offers by different hackers promoting their ‘goods’ — usually malicious malware or exploit tools — are being sold over the darknet under special offers with ‘COVID19’ or ‘coronavirus’ as discount codes, targeting wannabe cyber-attackers.”

The news comes amid a rising trend in domains being registered since the start of this year, which relate to COVID-19 and which are infused with computer viruses.

The research organisation said:

“In the past three weeks alone (since the end of February 2020), we have noticed a huge increase in the number of domains registered — the average number of new domains is almost 10 times more than the average number found in previous weeks. 0.8% of these domains were found to be malicious (93 websites), and another 19 percent were found to be suspicious (more than 2,200 websites).”

“WinDefender bypass” and “Build to bypass email and Chrome security” are among the infected tools available to buy at heavily discounted prices.

“SSHacker” is the name of another scam group saying they can hack into Facebook accounts at a 15% discounted rate when the user activates the promo code COVID-19.

A third seller, “True Mac” claims to be selling last year’s MacBook Air model for just $390, as part of a special coronavirus deal.

These developments stand as further instances of how coronavirus is being hijacked by hackers to trick organisations across a range of different sectors.

Malicious software embedded in links and attachments, such as AZORuItEmotetNanocore RAT and TrickBot are all being employed by malicious online parties to take advantage of the current global health crisis.


Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.