SUMMARY
Hackers are stealing data such as user names, passwords, and card details
AZORult malware is being used to scrape data from unsuspecting users
The malware only impacts Windows devices
After crippling most business sectors across the world, panic and interest around the coronavirus outbreak are now helping hackers steal personal information of unsuspecting internet users around the world.
According to Shai Alfasi, a security researcher at Reason Labs, hackers have developed a fake version of online dashboards which are used to track the coronavirus impact in real-time. Alfasi claimed some hackers are stealing personal data such as user names, passwords, credit card numbers and other data stored in users’ browsers by creating a fake version of these dashboards.
The duplicitous dashboards prompt users to download an application which is eventually a malware. The application once installed in the system steals the stored data. In some cases, users don’t even need to install the malicious software as opening the website on a browser is enough for the malware to scrape data.
Dashboards are copies of other popular coronavirus trackers that are created by John Hopkins University, Acoer and other researchers, scientists and journalists to track the spread of the deadly virus and trends related to it over time. Typically, they provide real-time information related to coronavirus including confirmed cases, deaths and recoveries per hundred infections, and trends over time.
Alfasi noted that hackers are using AZORult malware to scrape data. In a blog, Alfasi said that the new malware activates a strain of malicious software known as AZORult. “AZORult is commonly sold on Russian underground forums for the purpose of collecting sensitive data from an infected computer,” he added.
It is worth noting that first hacking cases of AZORult were registered in 2016. The information-stealing software is used to scrape data such as browsing history, cookies, user IDs, passwords, among others. It can also download additional malware onto infected machines.
Currently, this malicious software only works on Microsoft Windows systems. However, Alfasi believes that hackers might soon come with an updated version of the malware to impact other operating systems as well.
After the coronavirus outbreak made headlines in January and February, hackers have cashed in on the fear of the deadly virus which has already killed over 4K people across the world. Last month, reports surfaced that hackers were spreading malware through emails purporting to have information and updates about the coronavirus outbreak.
