Fake News – Malicious ‘Corona Anti-Virus’ Software Discovered


  • Author
  • #6422
    UK Sentinel
    • Posts 3395
    • Skipper

    Fake News – Malicious ‘Corona Anti-Virus’ Software Discovered – infosecurity-magazine.com

    Researchers at Malwarebytes have unearthed a website advertising fake anti-virus software it claims can protect people from contracting the real human virus COVID-19.

    In what comes across as a bizarrely comic case of miscommunication, the site (antivirus-covid19[.]site) offers users the chance to “Download our AI Corona Antivirus for the best possible protection against the Corona COVID-19 virus.”

    The site’s operators carefully chose an academic big hitter to endorse it. According to the website, the Corona Anti-virus was developed by “scientists from Harvard University” who “have been working on a special AI development to combat the virus using a Windows app.”

    To further authenticate their product’s claims, the site’s creators have included a meaningless graphic of three people standing around a circular raised platform while staring at some connecting balls suspended in mid-air. One of the figures points at a ball as though symbolically indicating the presence of a cure.

    The Corona Anti-virus claimed: “your PC actively protects you against the Coronaviruses (Cov) while the app is running.”

    It’s hard to imagine this ill-conceived ruse netting any victims whatsoever, but those who are persuaded to install the fake Corona Anti-virus will inadvertently infect their computer with malware.

    Researchers found that criminals are using the malicious fake anti-virus software to distribute a BlackNet remote administration tool. Users who try to download Corona Anti-virus [antivirus-covid19[.]site/update.exe] will turn their PC into a bot that is ready to receive commands from a threat actor.

    “The full source code for this toolkit was published on GitHub a month ago,” said researchers. “Some of its features include deploying DDoS attacks, taking screenshots, stealing Firefox cookies, stealing saved passwords, implementing a key logger, executing scripts and stealing Bitcoin wallets.”

    Researchers reported the site to American web-infrastructure and website-security company CloudFlare.



    In a completely sane world, madness is the only freedom (J.G.Ballard).
