AN information and communications technology giant has issued a warning about cyber criminals exploiting people’s craving for the latest information on the coronavirus.
The crooks do so by stealing data and personal information before making demands through ransomware.
New research from Finnish group Nokia said the scams include copying the trusted global map from John Hopkins University, which tracks the spread of coronavirus, and using an altered version that installs malware when a user interacts with it.
The “trojan” map has been targeting the Windows operating system.
Other dangers come in the form of spam emails disguised as advice from the director-general of the World Health Organisation (WHO), ransomware delivered through an Android app and Covid-19-themed phishing attacks also targeting Windows.
The white paper from Nokia’s Threat Intelligence Lab detailing the rogue programs said the Android-targeting CovidLock ransomware claims to track the spread of the virus across the globe, but more specifically known patients in the immediate vicinity of the device’s user.
When activated, it locks the user out of the device and asks for a ransom to be paid to unlock it.
Its list includes PlugX, which targets Windows and drops a malicious payload on the operating system, and KimsukyCOVID, a malware program masquerading as a Microsoft Word document containing information about the virus.
The document actually contains a malicious macro that will execute if the user falls for the request to enable additional content downloads to properly view the document.
CovidSafetyMask is a malicious information-thief targeting Android devices which masquerades as an application to help users obtain much sought-after safety masks.
When executed it asks permission to access contacts and SMS messages and once gained the malware sends fraudulent messages to victim’s contacts to spread itself.
The advice from Nokia is similar to what security professionals have constantly been telling computer users: visit only reputable sites that are known to be reliable sources of information, only install applications from trusted app stores, use an up-to-date anti-virus program on the mobile device, do not open email attachments if the sender is not known and do not grant additional execution privileges if there is no clear reason or need to do so.
Kevin McNamee, director of the Nokia lab, said: “Our latest Nokia Threat Intelligence Lab research reveals the most common ways that cybercriminals are seeking to play on and exploit people’s fear during the Covid-19 outbreak, either for financial gain or to steal data.
“Those threats typically fall into one of two main categories: malware directly related to the coronavirus outbreak and established malware delivered through coronavirus-related phishing campaigns.
“Our priority is providing actionable advice for citizens on how to protect themselves from these threats which can emerge quickly and can often masquerade as legitimate sources of information. The more insight we can gain on these ever-changing threats, the better.
He added: “Nokia creates the technology to connect the world – and at a time like this those connections are more important than ever.
“But we must protect those connections and act to shield people from exploitation – with the threat of the ‘real’ virus, the last thing people need is malware infecting their devices at this worrying time.”
Why are you making commenting on The National only available to subscribers?
We know there are thousands of National readers who want to debate, argue and go back and forth in the comments section of our stories. We’ve got the most informed readers in Scotland, asking each other the big questions about the future of our country.
Unfortunately, though, these important debates are being spoiled by a vocal minority of trolls who aren’t really interested in the issues, try to derail the conversations, register under fake names, and post vile abuse.
So that’s why we’ve decided to make the ability to comment only available to our paying subscribers. That way, all the trolls who post abuse on our website will have to pay if they want to join the debate – and risk a permanent ban from the account that they subscribe with.
The conversation will go back to what it should be about – people who care passionately about the issues, but disagree constructively on what we should do about them. Let’s get that debate started!
Callum Baird, Editor of The National
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here