Ongoing since March 2, the latest effort attempted to steal passwords from WHO staff by sending malicious messages designed to mimic Google web services to their personal email accounts, a common hacking technique known as “phishing”, according to four people briefed on the attack.
Though no major damage has been reported so far, sources told the GDN that several information technology systems of companies in Bahrain were targeted by the cyber criminals to spread malware through files said to contain important information about the virus.
In its latest alert, CTM360 said it had identified the names of seven malicious files doing the rounds, and urged people to ignore them.
“As the latest global scare has gone viral, there has already been a surprisingly large number of incidents of cyber criminals using this issue as a base for their attacks,” said the advisory.
“This includes spreading malware through files containing information about the virus, fake news to spread worldwide fear, panic, and scams related to prevention masks or cures.”
Researchers found pdf, mp4 and docx files camouflaged as documents connected with the scams.
“The files are advertised as having some instructions or words of advice about the virus and remedies.
“The malicious files can destroy, block or modify the data on victims’ machines and these threats are capable of interfering with the operation of computers or computer networks.”
The names of the malicious files are: Worm.VBS.Dinihou.r; Worm.Python.Agent.c; UDS:DangerousBoject.Multi.Generic; Trojan.WinLNK.Agent. gg; Trojan.WinLNK.Agent.ew; HEUR:Trojan.WinLnk.Agent.gen; and HEUR:Trojan.PDF.Badur.b.
The alert said hackers are targeting industries such as manufacturing, industrial, finance, transportation, pharmaceutical and cosmetics.
“Attackers are sending malicious emails to the victims warning them about the impact of the coronavirus on the shipping industry.
“The emails contain a Word document attachment that will exploit a Microsoft Office vulnerability discovered back in 2017.”
The firm added that “hyped and manipulated media content” was being used by cyber criminals to promote fake news and leverage on the panic.
In addition, the growing demand for surgical face masks due to the pandemic has led to online shopping scams and financial losses to consumers.
“Scammers are also posting some fake cures and dangerous claims for coronavirus via social media platforms and blogs.”
The firm has strongly advised against opening emails or attachments from unknown sources, or sharing their personal information.
Companies in Bahrain should ensure that anti-virus and anti-malware software on their computers are up to date and they should avoid downloading .exe or .lnk documents from untrusted sources.
“As part of our own initiative to the community, we would like to urge citizens to be wary of the possible online frauds and fake news that is related to the trending coronavirus,” said CTM360 chief executive and founder Mirza Baig.
The GDN came across a website with photographs of two Bahraini royals, claiming they had donated millions in the global fight against Covid-19.
WHO has also warned of criminals posing as officials to steal money or sensitive information online through suspicious email messages.
“Beware that criminals use emails, websites, phone calls, text messages, and even fax messages for their scams,” warned the WHO.
UK’s national fraud and cyber crime reporting centre, Action Fraud, said to date 105 reports related to Covid-19 scams were registered since February 1, with losses totalling nearly £970,000.
The majority of the reports related to online shopping scams where people did not receive protective face masks, hand sanitisers and other products they had ordered.
© Copyright 2019 www.gdnonline.com
Copyright 2020 Al Hilal Publishing and Marketing Group Provided by SyndiGate Media Inc. (Syndigate.info).