City of Largo issued the following announcement.
A malicious website pretending to be the live map for Coronavirus COVID-19 Global Cases by Johns Hopkins University is circulating on the internet waiting for unwitting internet users to visit the website. Visiting the website infects the user with the AZORult trojan, an information stealing program which can exfiltrate a variety of sensitive data. It is likely being spread via infected email attachments, malicious online advertisements, and social engineering. Furthermore, anyone searching the internet for a Coronavirus map could unwittingly navigate to this malicious website.
THREAT DETAILS
A sample of the malware being deployed by “corona-virus-map[dot]com” was submitted and analyzed by and received an extremely malicious threat score of 100/100 with Anti-virus (AV) detection at 76%. This sample was labelled by Hybrid-Analysis as a Trojan.
WHAT YOU SHOULD DO
End users should be warned about this cybersecurity risk and security teams should blacklist any indicators associated with this specific threat. View more information and maps of threats at https://blog.reasonsecurity.com/2020/03/09/covid-19-info-stealer-the-map-of-threats-threat-analysis-report/
Original source can be found here.
Alerts Sign-up