Follow Mint Lounge

Latest Issue

Home > News> Talking Point > How coronavirus infected the internet

How coronavirus infected the internet

Global interest in the coronavirus epidemic is being used by cybercriminals to spread malware through email attachments

Cyber-security companies warn against opening certain emails.
Cyber-security companies warn against opening certain emails. (Photo: iStock)

The next time you receive an email that claims to have “important" or “urgent" information on the Wuhan novel coronavirus, exercise some caution. With almost 80,000 cases across the globe, the disease, which originated in mainland China, continues to spread. Cyber criminals, however, have been using the global coverage of the epidemic for “destroying, blocking, modifying or copying data" and interfering with computer networks.

Cyber-security firms are reporting how email attachments claiming to have information on the virus end up infecting a user’s system with malware. According to cyber- threat research company Check Point Research’s Global Threat Index for January, the most recent coronavirus-themed campaign targeted users in Japan. A Trojan known as Emotet was circulated through malicious email attachments. The email would appear to be from a Japanese disability welfare service provider, claiming to have information on how the infection was spreading in Japanese cities. Once the document was opened, Emotet would get downloaded.

Originally a banking Trojan used to steal financial data, Emotet is now being used to spread other malware.

Pune-based security solutions provider Quick Heal reported that hackers were using Emotet in emails that had attachment headings primarily in Japanese and other Asian languages. According to a news release from Quick Heal, attackers used current dates for the emails to make them look “very urgent". Fake email IDs of local health organizations were also used to alarm users about an outbreak in a particular region.

An additional report from Moscow-based cyber-security and antivirus provider Kaspersky explains that it detected malicious files “disguised" under the guise of .pdf, .mp4 and .docx files claiming to contain more information about the coronavirus. The names of the files indicated that they contained video instructions on how to protect oneself from the virus, further updates on the threat and virus detection procedures. The files, however, were ridden with Trojans.

Next Story