Cybersecurity expert Kaspersky has revealed that several PDFs, documents and videos being shared as Coronavirus preventives are actually trojans and malware in disguise.
The company has warned users to be careful before opening any document forwarded to them.
The Novel Coronavirus outbreak in China has reached emergency status with Chinese government and their local administration imposing conveyance barricades, devising remote treatment terminals and doing much more in order to contain the outbreak. Given the panic it has caused, many directives and documents are floating around the internet claiming to be state news and facts about the Coronavirus disease. Many even offer pointers on how to stay safe.
That said, not all of them can be trusted. The Kaspersky report reveals that many of these files are indeed Trojans and malware, masked inside the headlining topic.
“The coronavirus, which is being widely discussed as a major news story, has already been used as bait by cybercriminals. So far we have seen only 10 unique files, but as this sort of activity often happens with popular media topics then we expect that this tendency may grow. As people continue to be worried for their health, we may see more and more malware hidden inside fake documents about the coronavirus being spread,” Kaspersky malware analyst Anton Ivanov has said.
According to Kaspersky, these files are capable of blocking a device, copying or modifying the data on a device, or even stealing them from a user’s folders. The company has also identified the most popular malware files being used by hackers globally, so the file types that you should watch out for are — Worm.VBS.Dinihou.r, Worm.Python.Agent.c, UDS:DangerousObject.Multi.Generic, Trojan.WinLNK.Agent.gg, Trojan.WinLNK.Agent.ew, HEUR:Trojan.WinLNK.Agent.gen, and HEUR:Trojan.PDF.Badur.b, Kaspersky has said.
That said, given that such file names are impossible to identify for the common user, what one should look out for is by accessing the details section of a file shared and identify whether a disguised word document, PDF or video has either of .EXE or .LNK extensions at the end of their names. This is extremely important to ensure your devices remain safe from being infected with Coronavirus Trojan.