"Hackers are once again taking advantage of concerns of COVID-19 by using fake coronavirus maps to infect visitors with malware.
Detailed Monday by cybersecurity researcher Shai Alfasi from Reason Cybersecurity Ltd., the fake maps were founded to be attempting to infect unsuspecting visitors with the AZORult malware.
The malware, first discovered in 2016, is an information stealer that makes off with browsing history, cookies, ID/passwords, cryptocurrency and more. An AZORult variant, designed to create a new, hidden administrator account on the infected machine in order to allow Remote Desktop Protocol connections, was also detected.
Sold on Russian underground forums, AZORult was last in the news Feb. 5 when it was found to be one of several forms of malware that was being spread by the Atlassian Corp. Plc-owned git code hosting service Bitbucket.
Using coronavirus as an attack vector to target potential victims isn’t restricted to coronavirus-related maps alone. A report March 8 noted that scammers were taking advantage of the news through targeted phishing campaigns and scam websites. In one example, a Russian website was found to be offering “the best and fastest test for Coronavirus detection at the fantastic price of 19,000 Russian rubles (about US$300).”