Preying on pandemic fears, cybercriminals have planted trojans and worms into videos and documents containing information about the Wuhan coronavirus.
In a plot to hijack news trends, cybercriminals have disguised malicious files as documents related to the Wuhan coronavirus.
According to Kaspersky, the discovered malicious files were masked as pdf, mp4 or docx files containing information about the coronavirus. The names of files imply that they contain various video instructions on protection against catching the virus, updates on the threat and even virus detection procedures.
In actuality, these files contained a range of threats from trojans to worms capable of destroying, blocking, modifying or copying data, as well as interfering with the operation of computers or computer networks.
Comments Anton Ivanov, a malware analyst at Kaspersky: “The ongoing coronavirus pandemic is already being used as bait by cybercriminals. So far, we have seen only 10 unique files, but as this sort of activity often happens with popular media topics, we expect that this tendency may grow. As people continue to be worried for their health, we may see more and more malware hidden inside fake documents about the coronavirus being spread.”
The “coronavirus”-related malicious files were detected as the following:
- Worm.VBS.Dinihou.r
- Worm.Python.Agent.c
- UDS:DangerousObject.Multi.Generic
- Trojan.WinLNK.Agent.gg
- Trojan.WinLNK.Agent.ew
- HEUR:Trojan.WinLNK.Agent.gen
- HEUR:Trojan.PDF.Badur.b
To avoid falling victim to malicious programs pretending to be exclusive content, readers should take the following steps:
- Try to avoid suspicious links promising exclusive content. Refer to official sources for trustworthy and legitimate information.
- Look at the downloaded file extension. Documents and video files should not have been made either .exe or .lnk formats.
- Use a reliable security solution for protection from a wide range of threats.
