Kaspersky detection technologies have found malicious files disguised as documents related to the newly discovered coronavirus – a virus disease which has been at the top of media headlines due to its dangerous nature.
The discovered malicious files were masked under the guise of pdf, mp4, docx files about the coronavirus. The names of files imply that they contain video instructions on how to protect yourself from the virus, updates on the threat and even virus detection procedures, which is not actually the case.
In fact, these files contained a range of threats from Trojans to worms which are capable of destroying, blocking, modifying or copying data, as well as interfering with the operation of computers or computer networks.
“The coronavirus, which is being widely discussed as a major news story, has already been used as bait by cybercriminals. So far we have seen only 10 unique files, but as this sort of activity often happens with popular media topics then we expect that this tendency may grow. As people continue to be worried for their health, we may see more and more malware hidden inside fake documents about the coronavirus being spread,” comments Anton Ivanov, Kaspersky malware analyst.
Kaspersky products detect “coronavirus” related malicious files with the following detection names:
Worm.VBS.Dinihou.
Worm.Python.Agent.c
UDS:DangerousObject.Multi.Generic
Trojan.WinLNK.Agent. gg
Trojan.WinLNK.Agent.ew
HEUR:Trojan.WinLNK.Agent.gen
HEUR:Trojan.PDF.Badur.b
To avoid falling victim to malicious programs pretending to be exclusive content, Kaspersky recommends taking the following steps:
- Try to avoid suspicious links, promising exclusive content. Refer to official sources for trustworthy and legitimate information.
- Look at the downloaded file extension. Documents and video files should not have been made either .exe or .lnk formats.
- Use a reliable security solution, such as Kaspersky Security Cloud, for comprehensive protection from a wide range of threats.
