By Kip Kirchberg
Cyber Criminals have cloned the John Hopkins Corona Virus spread map and have embedded malware that could exploit your personal or companies sensitive data.
The malware embedded in the map is known as Azorult and is a commercially available Trojan. This malware was first seen in 2016 to steal crypto currency wallet credentials but is now back with vengeance using the Corona Virus as a lure to get you to click on a malicious website and steal you or your companies personal information.
This Trojan harvest credentials stored in web browsers, looks for 0365 or skype credential’s, can delete files on a machine, has been known to download additional malware payloads that can collect screen shots of victims pc’s, collect network information, operating systems, and even user names and passwords used to login to a pc.
In a personal environment, the Azorult Trojan will collect things like banking passwords, social media logins, stored credit card information, and anything else a Cyber Criminal could use to collect an easy payday.
In corporate environments, the Cyber Criminals will use Azorult or a dropper to collect pc names, network architecture and layout, caches user logins, os version and patch levels, and anything else that would allow an attacker to gain a foothold into your company’s main computer systems.
These types of attacks could lead to a company becoming a victim or ransomware, used to steal financial data to transfer monies, or worse collect data on clients and launch a social attack attempting to collect money for invoices and have funds directed to a Cyber Criminals Bank account.
To help avoid becoming a victim you have a couple choices.
Only visit websites that are state run or that you are familiar with. You can visit the Florida Department of Health’s website or CDC for up to date information.
Today just having an antivirus program on your pc is not enough as some of the malware signatures are so new antivirus manufactures and firewall vendors simply cannot keep up. For the best and most complete protection invest in some type of endpoint protection for your pc that includes application whitelisting.
If you or your organization are interested in learning more about application whitelisting, please reach out and I’ll be glad to setup a call and discuss cost conscious solutions that will help secure your environment.
You can reach me at [email protected] or 863-734-8060
Kip Kirchberg is an International Cyber Security Professional that has experience developing several Fortune 500 Organizations Cyber Security Programs as well as helping small, medium, and large business’ Identify, Detect, and Mitigate Cyber Security Risks.