Hackers don’t take sick days
Fishy coronavirus-related domains going viral, and some hackers offer Covid ‘specials’, says Check Point Security
Internet security researchers have noted that coronavirus-related domains are 50% more likely to be malicious than other domains registered during the same period, and also higher than other recent seasonal themes.
Since the beginning of January, during the period where initial outbreaks of the virus were being reported, more than 16,000 new corona virus related domains were registered.
In the first three weeks of March, Check Point Security researchers noticed a huge increase in the number of domains registered — the average number of new domains is almost 10 times more than the average number found in previous weeks. Of these domains, 0.8% (93 websites) were found to be malicious, and another 19% (more than 2,200) were found to be suspicious.
In the third week of March, more than 6,000 new domains were registered — an 85% increase from the week before.
Immediately following the news of the Covid-19 outbreak, cybercriminals started using global media interest as a cover to spread their malicious activity. The rise in overall searches for coronavirus, as tracked by Google Trends, closely matches that of social media discussions on cybersecurity and cybercrime in relation to the virus.
We are now seeing that hackers view this pandemic as a great opportunity to accelerate their business. Like “Cyber Monday” or “Black Friday”, researchers have even found several “coronavirus specials”.
Special offers by different hackers promoting their “goods” — usually malicious malware or exploit tools — are being sold over the dark net under special offers with “Covid-19” or “coronavirus” as discount codes, targeting would-be cyber-attackers.
“CoronaVirus Discount! 10% off ALL products” — and no, this is not for fashion merchandise or a new smartwatch. Some of the “goods” available to purchase at special rates include “WinDefender bypass” and “Build to bypass email and Chrome security”.
In one example, a group of hackers that go by the name of SSHacker, who describe themselves as “dedicated to providing the best hacking services since 2005” are now offering the “service” of hacking into Facebook accounts at a discounted rate: “15% off with Covid-19 code!”
And it doesn’t stop there. Of course there are many fake online “sales” offering premium goods at unbelievable prices. A seller that goes by the name of “True Mac” offers the “most-loved Mac” model — MacBook Air — at the fantastic price of US$390 as a “corona special offer”. As the old expression goes, if it sounds too good to be true, it probably is.
As always, be very wary of any website that offers “once-in-a-lifetime” deals no matter how authentic looking it is. To avoid falling victim to online scams, our recommendations for safe online behaviour are:
Be cautious with emails and files received from unknown senders, especially if they are offering special deals or discounts.
Don’t open unknown attachments or click on links in the emails.
Ensure you are ordering goods from an authentic source. One way to do this is NOT to click on promotional links in emails, and instead, Google your desired retailer and click the link from the Google results page.