PSA: Just got this malware warning on base COVID-19/Johns Hopkins Map

814 Views | 1 Replies | Last: 6 yr ago by Agz_2003
alamogeorge
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
9:03a, 3/19/20
AG
BLUF: Malware is circulating on the internet posing as a Johns Hopkins University COVID-19 spot map.

LOCATION: JBSA-LAK/RND

SITUATION: E-mails with a link titled COVID-19 map have been circulating which has malware embedded in the program. The link is nearly identical to the actual Johns Hopkins University COVID-19 map.
ANALYSIS: This cybersecurity threat has been verified by multiple sources. Johns Hopkins University published the following, "Johns Hopkins University has learned about the existence of malware designed to look like the university's coronavirus tracking map in an effort to steal information from users who visit the fake site. The Johns Hopkins COVID-19 map on the university's website does not contain malware and is safe to navigate. The malicious application requires users to download software or launch the fake map, which opens the malware.
"You may all go to hell, and I will go to Aggieland!" -Davy Crockett
Reply Quote
FamousAgg
User Profile
Private Message
Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
9:07a, 3/19/20
Scammer and hackers are taking advantage. I already got a phishing email at work, verified from our IT group that it was an attack out of Lithuania . Some subject like "New COVID-19 cases confirmed in your area"
Reply Quote
Agz_2003
User Profile Ignore User Stop Ignoring
How long do you want to ignore this user?
24 hours One week Permanently Cancel
9:51a, 3/19/20
AG
Info. about this

Quote:
The confusion comes from an issue where a malicious person created a downloadable Windows-based application containing malware whose display is practically identical to the Johns Hopkins Coronavirus browser-based dashboard (see comparison figure below). Whomever posted the malicious downloadable app is attempting to take advantage of the strong public interest concerning the Coronavirus, but it requires the user to either download the app executable, or it could be distributed by email for the user to then install onto their local Windows system.
The malicious app once downloaded and installed deploys malware called AZORult which is designed to steal credentials in the background (among other activities). To make the user think they are getting a Coronavirus map viewer, the app calls the URL of the Johns Hopkins dashboard and displays the results inside the application window.
Bottom-line, you are fine browsing the Coronavirus dashboard on the web with your browser as no software needs to be downloaded. If you come across someone offering a Coronavirus dashboard where you need to download software to view it, don't use it!


Reply Quote
Refresh
Page 1 of 1
 
×
subscribe Verify your student status
See Subscription Benefits
Trial only available to users who have never subscribed or participated in a previous trial.