Coronavirus Malware Exploits Global COVID-19 Fears to Scam Internet Users & Steal Their Data

The world is in the grip of fear over COVID-19 and coronavirus malware is following suit, infecting devices and stealing data from people looking for information on the pandemic.

In a situation like the COVID-19 pandemic, where everyone is spending more time online than ever before due to various quarantines, lockdowns and remote working restrictions being enforced the world over, protecting your data is critically important.

As Coronavirus continues its rapid spread, Internet users are fearful of coming into contact with the virus and anxious for more information about the coronavirus outbreak. Cybercriminals are taking advantage of the coronavirus (COVID-19) pandemic and preying on vulnerable people's fears to spread malware. In these trying times, EnigmaSoft is still here to help people stay safe from malware, including the malicious coronavirus-themed malware attacking users’ computers.​

​A number of cyber-attacks and strains of malware themed after COVID-19 have swept across different parts of the world over the last few days. An advanced persistent threat (APT) is believed to be behind the March 2020 targeted attack dubbed 'Vicious Panda' that was spreading coronavirus malware. The 'Vicious Panda' attack used phishing emails targeted at Mongolian government institutions. The emails came with RTF file attachments that allegedly contained important information about coronavirus.

Coronavirus malware took a lot of different forms in a short span of time. In mid-March 2020, a new strain of ransomware appeared in the wild, named CoronaVi2020. Distributed primarily through spam emails and malicious attachments, the CoronaVi2020 ransomware asks for a relatively modest 0.008 BTC (roughly 50 USD) ransom and seems to be targeting regular home users instead of corporations and government institutions. The ransomware affects most common file types including images, databases and office files, with the ransomware appending its author’s email — coronaVi2022[at]protonmail[dot]ch — in front of affected files.

The Coronavirus ransomware was also spotted bundled with the info-stealer trojan Kpot. A malicious site was distributing an executable named WSHSetup.exe that was effectively a bundle carrying both the coronavirus ransomware and the Kpot Trojan. Kpot can scrape account information from a number of web browsers, email accounts, cryptocurrency wallets and game distribution clients.

The coronavirus pandemic is a continuing challenge for people all over the world. The EnigmaSoft technical support continues to be ready and at your service for 24/7 one-on-one support, including custom help with malware. Our customers can rely on EnigmaSoft and our range of services through this difficult stretch, as we all fight to return to a more normal life.

About EnigmaSoft Limited

EnigmaSoft Limited is a privately held Irish company with offices and global headquarters in Dublin, Ireland. EnigmaSoft is best known for developing and distributing SpyHunter, an anti-malware software product and service. SpyHunter detects and removes malware, enhances Internet privacy, and eliminates security threats – addressing issues such as malware, ransomware, trojans, rogue anti-spyware, and other malicious security threats affecting millions of PC users on the web.

Source: EnigmaSoft Limited


Categories: Computer Software

Tags: anti-malware software, computer security, computer software, coronavirus, covid-19

About EnigmaSoft Limited

View Website

Enigma Software Group USA, LLC was the original producer of SpyHunter 4 and is an affiliated company to EnigmaSoft Limited. EnigmaSoft Limited is a privately held Irish company with offices and global headquarters in Dublin, Ireland.

EnigmaSoft Limited
1 Castle Street (3rd Floor)
2 D02XD82