Researchers from the cybersecurity organization IBM and Kaspersky discovered that cybercriminals are using the global fear of new coronaviruses by sending related malicious emails and links to spread Emotet malware in Japan.
It is understood that Emotet is a popular malware that has a devastating effect on attacking governments and financial institutions. Researchers found that criminals were sending the e-mail on behalf of the Japanese Disability Welfare Service. The content is mainly to provide preventive measures against coronavirus, and rumors spread to patients with coronavirus in Gifu, Tottori, and Osaka Prefecture in Japan. Each of these emails contains an attached Word document.
“Previously, Japanese Emotet emails have been focused on corporate-style payment notifications and invoices, following a similar strategy as emails targeting European victims. This new approach to delivering Emotet may be significantly more successful, due to the wide impact of the coronavirus and the fear of infection surrounding it,” the X-Force report says.
Once the computer is infected, it will be used to send malicious spam to other targets, and install other malware on the device to collect user credentials, browser history, and important document information, then package and send it to the attacker server.
IBM researchers said the use of current hotspots to spread malicious email has become common in cybercrime. This strategy can trick more victims into clicking malicious links, opening malicious files, and increasing malware activity efficiency.