I love you Who doesn’t like to be told that? It doesn’t matter if it’s in the face, in a phone call or in an email message sent by an unknown address. This is what Filipino programmers thought Reonel Ramones and Onel de Guzman, the parents of the virus I love you, one of the most famous and most successful. Not because of its code or how well it ran on the computers it reached from the inbox.
What he did to I love you the most famous virus was that it appealed to an instinct as human as curiosity. It is calculated that I love you caused more than $ 10 billion in damage as millions of people opened an email message in their workplace someone confessed their love. Obviously, it was a false confession, but by the time the victim realized it, his Windows computer was already infected.
Cybercrime is based precisely on the expertise to create harmful code that you can do something on the device it’s installed on, have a good formula for spreading to other computers, and most importantly, have a good hook that makes the user install it without realizing it. And there comes the human factor.
As a decoy, you can use famous programs or applications. For decades, fake computer installers were used in computers Flash and Java to infect computers, since they are two programs that are usually updated frequently. Imitating the Java and Flash update window allowed the user to accept the update to be tricked without thinking that they were being cheated.
But do not go so far away. In mobile app stores like Google play and App Store, they try to sneak fake apps that claim to do a certain task that is highly sought by the Android or iPhone user, but which, in reality, is intended to infect your device. Many of these apps are hunted by Google and Apple filters, but some achieve their goal.
For infected emails or harmful links, the names of famous people such as actors or actresses. Who would not like to see pictures of their favorite actor or actress. The problem is that this desire can lead to clicking on a link that infects your smartphone or computer.
Coronavirus as a tool to infect
This introduction serves to put ourselves in the current moment. The entire world has been practically paralyzed by a pandemic that has forced us to confine ourselves to our residences for weeks and / or months. The coronavirus or COVID-19 is the star topic in home conversations, social networks and the media. Even in Google anything related to coronavirus is among the most prominent searches.
So it was no wonder that in the early days these keywords will be used, coronavirus, COVID or COVID-19 as a decoy to generate all kinds of malicious content that helps install and spread malware.
Security firms as well known as McAfee are receiving through their security tools a lot of examples of coronavirus-related strategies to infect devices. From the most obvious, like the multitude of Android apps emerged since March on Google Play that with the excuse of offering information or data about the COVID-19, abused Android permissions, such as internet access, reading messages and contacts, to spread on other devices and spy on the user.
But the ingenuity of cybercriminals goes further. What are those who are concerned about coronavirus looking for? A possible cure, material to avoid infection … Hence they have proliferated stores that claim to sell face masks and that, in some cases, they are only an excuse to deceive the user. Also in telegram groups or in online forums, this type of deception has arisen, inspired in part by those who have wanted to make money selling medical supplies at exorbitant prices.
According to the security firm McAfeeThere are three foci in which cybercrime is focusing with the coronavirus as a decoy: health, finance and education. Precisely, there are three burning issues, the first because it is the central axis of the pandemic, the second because finances have been affected by it, and finally, education has been forced to make the leap to the internet when, depending on which centers, they were not prepared. Hence, the security measures or tools of certain educational centers and students are weak and may be victims of attacks or deception related to the coronavirus or online solutions as fashionable to teach online as they are Zoom, Google Classroom or Microsoft Team.
But this does not end here. Using COVID-19 as a hoax to infect computers goes so far as to even offer a fake Windows antivirus by the name of Corona Antivirus, as reported by the specialized media Tripwire and that was detected by the security firm Malwarebytes. Specifically, what this fake antivirus did was add your computer to a botnet or botnet called BlackNET. In other words, your infected PC becomes one more in a network that can be used to infect other devices, perform DDoS attacks, execute malicious scripts or to steal Bitcoin, to name several examples.
False messages based on coronavirus-related topics also abound these days. The security firm Bitdefender discovered examples of messages sent by instant messaging that they claimed to come from Netflix and that they offered a free period of time to enjoy their catalog during confinement. Nobody is bitter about a sweet, and if someone gives you something for free, there will be those who do not hesitate to open this link. The problem is that the gift is not such, and also, to obtain it you must answer some questions and share the link with your contacts. Thus the deception spreads faster.
Continuing with messages from false sources, messages that take advantage of the lack of information or clarity by public institutions. Thus, these messages claim to be from certain public agencies or organizations that offer financial aid. A pretext for obtain personal data and / or execute malicious code on connected devices.
The computer security company Sophos It also collects fake emails claiming to come from the WHO (World Health Organization) and some that combine sextortion with COVID-19 to ask for a payment in exchange for not publishing or broadcasting a video of a sexual nature where the victim is allegedly involved. The level of inventiveness of cybercriminals is such that in some email messages they pose as a infected neighbor or citizen who requests payment as a reward for staying home and not infecting the rest of the population.
United against the coronavirus
Union makes strength, the saying goes. And although each country is acting on its own with disparate criteria, scientists from around the world They are working in parallel and communicating with each other to obtain better tools to detect and stop the coronavirus. A task that will require months of work and patience on our part.
In the field of cybersecurity, this much-needed union has also taken place. Not that the main computer security companies They have joined, although all of them follow very closely and disseminate everything related to online security and the fraudulent use of any subject associated with the coronavirus.
The call COVID-19 Cyber Threat Coalition is a community of volunteers focused on search and report any type of deception or a ploy that uses COVID-19 as a lure to trick Internet users into infecting their devices or obtaining personal information.
Although there is no specific company behind this coalition, they do have the support and help of such well-known names as NVIDIA, Slack, Sophos, GitHub, Cloudflare or ProtonMail, among others. And among other things, they conduct online cybersecurity workshops, collect the most notable cases week by week and offer a list of links, domains and IP addresses who use the coronavirus for their cybercrime actions.
For more information on their work or to follow their latest analyzes or workshops, you can enter their slack channel or follow his Twitter account.
This coalition is not the only organization that emerged as a result of the coronavirus to ensure cybersecurity. There are more examples like the European ECHO COVID-19 CTI Defense Alliance, sponsored by THREW OUT, an acronym for European network of Cybersecurity centers and competence Hub for innovation and Operations and which depends on the European Commission.
Made up of 30 partners from the public and private sectors, this body has created a specific page to fight cybercrime that COVID-19 uses. Among other things, it offers resources and help material as well as advice for individuals and companies.
And since there are not two without three, the European Cyber Security Organization, a non-profit organization based in Brussels, Belgium. Among his actions related to the coronavirus, his compilation in the form of a presentation where list resources, initiatives and tools of cybersecurity to face the technological dangers covered by COVID-19.
👇 More in Hypertextual