Cyber criminals using coronavirus-themed emails to deliver malware

By Jason Contant | February 10, 2020 | Last updated on October 30, 2024
1 min read

TORONTO – A U.S. cybersecurity company says criminal groups are exploiting fears over the new coronavirus to attack the global shipping industry.

California-based Proofpoint says it has detected a new email campaign that uses Microsoft Word attachments designed to trick recipients into installing a type of malware known as AZORult.

Proofpoint says criminals have been exploiting a vulnerability in Word to spread malware and AZORult since at least 2016, including for downloading ransomware that can lock victims out of their systems.

Related: Can the Novel Coronavirus illness trigger P&C policy coverage?

The company says the new email campaign takes advantage of concerns about the virus, which has sickened more than 37,000 people worldwide, although there is currently no evidence that ransomware has been used.

However, it says the attackers seem to be sophisticated and have targeted industries that are susceptible to shipping disruptions including manufacturing, industrial, finance, transportation, pharmaceutical and cosmetic companies.

Proofpoint advises workers exercise caution when presented with coronavirus-themed email messages and attachments, as well as links and websites that could be used by criminals as lures.

This report by The Canadian Press was first published Feb. 10, 2020.

Jason Contant