Skip to main content

Cyber-criminals are exploiting people’s fears of COVID-19 – we analyze the threats

As the COVID-19 outbreak continues to impact the world, people are understandably afraid for the health of themselves and their families.

Unfortunately, the ‘real’ virus is not the only thing spreading. Cyber criminals are exploiting peoples’ fears and using their need for up-to-date information to infect their devices with malware.

Nokia’s Threat Intelligence Lab has analyzed the current crop of the most common malware and identified two main types - malware directly related to the Corona virus outbreak and established malware delivered through Corona-related phishing campaigns.

Examples of the threats include:

  • “Corona Virus” Trojan – targeting Windows, this Trojan mimics a real map of the global locations of COVID-19 infections to trick users into downloading the malware which then steals user credentials and other personal data
  • CovidLock Android Ransomware – an Android app that pretends to give users a way to find nearby COVID-19 patients and track the virus’s spread across the world. Installing the app locks the device and asks the user to pay $250 in ransom in bitcoins
  • Android.Corona Safety Mask SMS Scam – pretending to be an app that help users find safety masks, this info-stealer obtains contacts and SMS messages then sends fraudulent messages to the victim’s contacts.

The Lab assesses new threats as soon as they appear, ensuring a timely response and accurate detection of these threats. This helps Communications Service Providers (CSPs) to stay abreast of the latest developments and guide their frontline staff on the advice they need to be giving to their customers.

A paper detailing the threats and how to remove them can be found here.

It also contains a timely summary of how end-users can keep their devices secure. Measures include visiting only reputable sites, using anti-virus software and keeping devices up to date with patches.

With the threat of the ‘real’ virus, the last thing people need is malware infecting their devices at this worrying time – Nokia is here to support both CSPs and end users.

For more information about Nokia Security:

For more information about cyber threat linked to COVID-19:

Share your thoughts on this topic by joining the Twitter discussion with @nokia using #COVID19, #connectivity, #5G, #security

Kevin McNamee

About Kevin McNamee

Kevin McNamee heads up Nokia's Threat Intelligence Lab. This lab analyzes thousands of mobile malware samples each day to create the detection rules that power Nokia’s network-based malware detection system. Previously at Alcatel-Lucent he was Director of Security Research with Alcatel-Lucent's Bell Labs, specializing in the analysis of malware propagation and detection. He has had speaking engagements at RSA, Black Hat, SECTOR, (ISC)2, Cybercrime Symposium, GSMA, Virus Bulletin, MAAWG and BSides.

Tweet me at @KevMcNamee

Article tags