Researchers at Malwarebytes have unearthed a website advertising fake anti-virus software it claims can protect people from contracting the real human virus COVID-19.
In what comes across as a bizarrely comic case of miscommunication, the site (antivirus-covid19[.]site) offers users the chance to “Download our AI Corona Antivirus for the best possible protection against the Corona COVID-19 virus.”
The site’s operators carefully chose an academic big hitter to endorse it. According to the website, the Corona Anti-virus was developed by “scientists from Harvard University” who “have been working on a special AI development to combat the virus using a Windows app.”
To further authenticate their product’s claims, the site’s creators have included a meaningless graphic of three people standing around a circular raised platform while staring at some connecting balls suspended in mid-air. One of the figures points at a ball as though symbolically indicating the presence of a cure.
The Corona Anti-virus claimed: “your PC actively protects you against the Coronaviruses (Cov) while the app is running.”
It’s hard to imagine this ill-conceived ruse netting any victims whatsoever, but those who are persuaded to install the fake Corona Anti-virus will inadvertently infect their computer with malware.
Researchers found that criminals are using the malicious fake anti-virus software to distribute a BlackNet remote administration tool. Users who try to download Corona Anti-virus [antivirus-covid19[.]site/update.exe] will turn their PC into a bot that is ready to receive commands from a threat actor.
“The full source code for this toolkit was published on GitHub a month ago,” said researchers. “Some of its features include deploying DDoS attacks, taking screenshots, stealing Firefox cookies, stealing saved passwords, implementing a key logger, executing scripts and stealing Bitcoin wallets.”
Researchers reported the site to American web-infrastructure and website-security company CloudFlare.
In a completely sane world, madness is the only freedom (J.G.Ballard).
Viewing 1 post (of 1 total)
You must be logged in to reply to this topic.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.