A laptop with an image of the coronavirus on its screen

Tumisu/Pixabay CDC Mikael Thalen

Beware of malware hiding in fake coronavirus emails

‘Be watchful and exercise caution where Coronavirus-themed emails and websites are concerned.’


Mikael Thalen


Hackers are hiding malware in emails that allege to contain HIV test results and data on the coronavirus, cybersecurity firm Proofpoint has found.

Posing as employees from Vanderbilt University Medical Center, the hackers have targeted individuals associated with numerous sectors of the healthcare industry.

In one such attack, fake HIV test results are embedded in an email. If a recipient were to download and open the file, a remote access Trojan known as Koadic would be installed. The malware would allow an attacker to run programs on the victim’s computer and access private data.

“In recent years it [Koadic] has been used by a variety of nation state actors, including both Chinese and Russian state-sponsored groups, as well as attackers associated with Iran,” Proofpoint said.

Proofpoint says the attack emerged in January, around the same time as other malicious emails that attempted to entice users with alleged information on the coronavirus.

In one instance, conspiracy theories about the origin of the coronavirus were used to lure victims into opening a document containing malware.

“The email claims there is a cure being hidden by government entities because the virus is being used as a bioweapon,” Proofpoint explains. “It then urges the recipient to receive further information on the ‘cure’ by clicking on the link provided in the email.”

Hackers have also posed as World Health Organization officials to take advantage of concerns about the coronavirus and infect victims’ computers.

In the case of the coronavirus-themed emails, Proofpoint says the majority of targets came from the manufacturing, retail, and transportation industries.

“Overall, these latest examples serve as a reminder that users should be watchful and exercise caution where Coronavirus-themed emails and websites are concerned,” the firm said.


H/T BuzzFeed News

The Daily Dot