Coronavirus news being used to sneak malware past AV programs

March 21, 2020

In an effort to make malware appear legitimate and help it sneak past security software, groups using two well-known trojans are inserting news text from Coronavirus stories into their file descriptions.

Padding malware with fake news is not new but Bleeping Computer has found Trickbot and Emotet now being used in conjunction with stories associated with the pandemic. The attackers embed the news snippets in the malware’s description file, said Lawrence Abrams, Bleeping Computer’s CEO.

This tactic has
been used in the past with news centered on President Trump’s impeachment trial
being used as late as January 2020 for the same purpose.

The switchover
to COVID-19 content took place about a month ago.

The overall
efficiency of this tactic is not known, but researchers believe it could fool security
software variants dependent upon artificial intelligence and machine learning

Related Articles

  • SC Media’s complete coverage: Threat and Preparation
  • Some cybercriminals consider laying off health care targets amid COVID-19 crisis
  • VPNs: Not a cybersecurity slam dunk for telecommuters in the age of COVID-19
  • Cybercriminals weaponize the World Health Organization name to lure phishing victims

The post Coronavirus news being used to sneak malware past AV programs appeared first on SC Media.

Original Source
Tags: , , ,

You may have missed

BianLian

BianLian Ransomware Victim: defi SOLUTIONS[.]

April 24, 2024
CISA Logo

CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

April 24, 2024
CISA Logo

CISA: Joint Guidance on Deploying AI Systems Securely

April 24, 2024
CISA Logo

CISA: CISA Releases Four Industrial Control Systems Advisories

April 24, 2024
CISA Logo

CISA: CISA Releases Three Industrial Control Systems Advisories

April 24, 2024