As the deadly coronavirus takes a toll on the tech industry, criminals have discovered a field day. The Mobile World Congress (MWC) 2020 was cancelled while a coronavirus-themed spam email spread Emotet malware according to February 18’s security researchers report.
The campaign targeted Japan in malicious email attachments faking to originate from a Japanese disability welfare service provider, as explained by the Check Point Research cybersecurity firm team.
These emails are designed to report where the infection is spreading in most of the Japanese cities. It allegedly encourages the victim to open the document that tries to download Emotet on their computer when opened. The Director-Security Engineering, Check Point Software Technologies, Venugopal N, stated:
“Alongside the malicious coronavirus spam campaigns, which we expect to become even more widely spread over the coming days, our research shows there has also been a surge in scam websites using coronavirus in their domain names, allegedly selling vaccinations against the virus.”
This report also identified a malicious Lokibot sample. Lokibot is the eighth most popular malware this February. It targeted Indonesia with emails that were sent about how people in Indonesia can best protect themselves against the virus.
Emotet is described as an advanced, self-propagating and modular Trojan. Initially, it was a banking Trojan. Nonetheless, it recently has been used as a distributor of much other malware and malicious campaigns.
It comprises of multiple methods that it uses to maintain persistence and evasion techniques to avoid detection. Additionally, it can spread through phishing spam emails that contain malicious attachments or links.