At a time when the deadly coronavirus is taking a toll on the tech industry with the Mobile World Congress (MWC) 2020 getting cancelled, coronavirus-themed spam is spreading Emotet malware, security researchers said on Tuesday.
According to researchers at Israeli cyber-security firm Check Point Research, the coronavirus-themed campaign targeted Japan, in malicious email attachments feigning to be sent by a Japanese disability welfare service provider.
The emails appear to be reporting where the infection is spreading in several Japanese cities, encouraging the victim to open the document which, if opened, attempts to download Emotet on their computer.
“Alongside the malicious coronavirus spam campaigns, which we expect to become even more widely spread over the coming days, our research shows there has also been a surge in scam websites using coronavirus in their domain names, allegedly selling vaccinations against the virus,” Venugopal N, Director-Security Engineering, Check Point Software Technologies, said in a statement.
The report also identified a malicious Lokibot sample — which is the eighth most popular malware this month — targeting Indonesia, with emails sent about how people in Indonesia can best protect themselves against the virus.
Emotet is an advanced, self-propagating and modular Trojan.
It was originally a banking Trojan, but recently has been used as a distributor of other malware or malicious campaigns.
It uses multiple methods to maintain persistence and evasion techniques to avoid detection. It can also spread through phishing spam emails containing malicious attachments or links.