Warning: Malware Disguised as 'COVID-19 Real-Time Status' Program
Exposed to Attacks Such as Remote Control and Information Theft
[Asia Economy Reporter Jin-gyu Lee] East Security announced on the 25th that a malicious code disguised as a 'COVID-19 real-time status' inquiry program has been discovered.
The newly discovered malicious code is an executable program (EXE) using file names such as 'Corona Domestic Status' and 'Domestic Corona Real-time Status.' When the file is executed, a popup window titled 'Real-time COVID-19 Status' appears.
The popup window displays four items with corresponding numerical information, such as confirmed cases, released from quarantine (recovered), deaths, and under testing, as if showing the actual COVID-19 infection status. During this process, the malicious program secretly installs another malicious code automatically in the user's PC temporary folder.
If infected with the newly created malicious code, the user's PC is exposed to various attacks including ▲remote control ▲keylogging that secretly intercepts keyboard input ▲screen capture ▲additional malicious code installation ▲information theft.
An East Security official stated, "The malicious program discovered this time is judged not to have been widely distributed yet," adding, "However, since it includes an actual RAT malicious module, the possibility of similar variant threats cannot be excluded."
Hot Picks Today
Taking Annual Leave and Adding "Strike" to Profiles, "It Feels Like Samsung Has Collapsed"... Unsettled Internal Atmosphere
- There Is a Distinct Age When Physical Abilities Decline Rapidly... From What Age Do Strength and Endurance Drop?
- "One Comment Could Lead to a Report": 86% of Elementary Teachers Feel Anxious; Half Consider Resignation or Career Change
- "After Vowing to Become No. 1 Globally, Sudden Policy Brake Puts Companies’ Massive Investments at Risk"
- On Teacher's Day, a Student's Gifted Cake Had to Be Cut into 32 Pieces... Why?
Moon Jong-hyun, Director of the ESRC Center, said, "Since late January, the early stage of COVID-19 spread, advertising texts and phishing emails exploiting the keyword 'Corona' have been continuously found," and urged, "We recommend verifying COVID-19 related information from reliable sources such as the official website of the Korea Disease Control and Prevention Agency."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
