Johns Hopkins University has published a very useful online map that tracks the spread of the coronavirus that causes COVID-19 in real time Some bad guys are copying this map and using it to spread malware that steals information
This information comes from Reason Cybersecurity, a small antivirus manufacturer in the US and Israel Researcher Shai Alfasi detailed in a blog post earlier this week how a downloadable version of the Johns Hopkins map that can run on a Windows desktop hides the AZORult Trojan, a piece of malware that has been stealing information since 2016 We noted [We last saw AZORult masquerading as a ProtonVPN installer file, and its creators even made a complete copy of the ProtonVPN website to do so Since Johns Hopkins posted the source code for the coronavirus map on GitHub, it was perhaps inevitable that AZORult's administrators cloned Johns Hopkins' map as well
Alfasi did not specify how victims could be lured into downloading and installing the poisoned Johns Hopkins map, but it is likely that links to it were disseminated via email and social media
If a malicious map is installed, as Alfasi wrote, it "attempts to steal browsing history, cookies, IDs/passwords, cryptocurrency, etc"
He added that "there are also variants of AZORult that create new hidden administrator accounts on infected machines to allow Remote Desktop Protocol (RDP) connections"
Fortunately, infection by this Trojan is not difficult to avoid First, do not install programs from random links sent through social media And be sure to install and run the best antivirus program available
Comments