Exploiting coronavirus fear by Chinese Hackers


Government-sponsored hackers and self-sponsored hackers, ethical or criminal, are taking advantage of the ongoing coronavirus pandemic to spy on adversaries, according to multiple cybersecurity threat intelligence companies.

Hackers led by the Chinese and Russian governments have been sending out malicious email attachments about the coronavirus since the pandemic broke out.

Unknown hacking groups aligned with the Chinese government targeted Vietnam, the Philippines, Taiwan, and Mongolia, according to the cybersecurity firms FireEye and Check Point. The hackers are sending email attachments that contain genuine health information about coronavirus but are laced with malware such as Sogu and Cobalt Strike.

A coronavirus-themed malicious Microsoft Word document used by the Chinese hacking group known as TEMP.Hex. FireEye. Source: MIT

A Russian group known as TEMP.Armageddon sent spear-phishing emails to Ukrainian targets. Spear-phishing is a tactic hackers use to send specifically crafted malicious links that trick targets into clicking, allowing them to be unknowingly infected.

FireEye analysts also suspect a recent such attack against a South Korean target is the work of North Korean hackers. Like China, South Korea has been hit especially hard by the outbreak. The phishing email had the Korean language title “Coronavirus Correspondence.”

Hacking by criminals

In addition to ongoing activity by government-sponsored hackers, cybercriminals are taking advantage of the chaos of current events. Hackers have previously used anxiety surrounding Ebola, Zika, and SARS to make money.

Targets “have heightened interest in news and developments related to the virus, potentially making them more susceptible to social engineering that tricks them into clicking on malicious links.”

The phishing emails promise everything from information on cures to medical equipment. In reality, they aim to deliver malware or steal passwords in a bid to cash in on chaos.

Hackers are looking all over the globe for targets, but some have zeroed in on the worst-hit countries. Italy, which has so far seen the worst rash of illnesses outside Asia, has been targeted by a phishing campaign against businesses. Fake emails, which pretend to be from the World Health Organization, promise precautionary measures Italians can take in the form of a Microsoft Word document, but the document instead downloads a banking Trojan called Trickbot aimed at stealing vast sums of money.

Malicious dashboards are circulating that prompt you to download an application in order to spread AZORult malware for Windows that steals personal and financial data, cryptocurrency, and anything else of value from an infected machine. 


The best defense is to keep your tech up to date.
