Stiff drink required after installing fake corona antivirus

Stiff drink required after installing fake corona antivirus

Adds the infected device to the BlackNET botnet

Credit: Dreamstime

A bizarre new scam exploiting uncertainty around COVID-19 has emerged, claiming to protect users from the physical coronavirus with a digital antivirus, but actually adds the infected device to a botnet.

The scam’s website calls itself “Corona Antivirus - World’s best protection” and was identified by cyber security vendor Malwarebytes.

According to Malwarebytes' threat detection team, the website purports that the Windows-based antivirus is a “special AI development” developed by scientists from Harvard University.

“Your PC actively protects you against the Coronaviruses (Cov) while the app is running,” a statement from the threat detection team recounted.

Instead of downloading a digital program that can affect its physical surroundings, users are actually downloading malware, which uses the commercial packer Themida to add the infected PC to the BlackNET botnet.

The infected PC can then be manipulated to execute malicious activity. This can include deploying distributed denial of service (DDoS) attacks, take screenshots, steal Firefox cookies, saved passwords and Bitcoin wallets, implement a keylogger and run scripts.

The reveal of the corona antivirus scam follows several COVID-19-themed scams identified in the last month, such as Android-centric text message scams and Telstra impersonations relating to a supposed free streaming service

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags coronavirus

Show Comments