Microsoft Warns Of Trickbot Malware That Preys On Public COVID-19 Fears

You would have a better chance of finding a needle in a mile-high haystack than scruples in a malware author who targets victims during a pandemic. The current virus outbreak is no exception. According to Microsoft, a piece of malware masquerading as an informational document from a non-profit offering free COVID-19 testing is making the rounds in a big way.

It's called "Trickbot" and it is "the most prolific malware operation using COVID-19 themed lures," based on Microsoft's Office 365 ATP data, the company stated on Twitter.

"This week's campaign uses several hundreds of unique macro-laced document attachments in emails that pose as message[s] from a non-profit offering free COVID-19 test[ing]," Microsoft's Security Intelligence division tweeted.

Similar to other recent Trickbot campaigns, if a victim is duped into opening the malicious attachment, it initiates a macro that runs a file called choice.exe, which prompts the PC to wait 20 seconds before downloading a payload designed to steal a user's data. This kind of delay is intended to evade emulation and/or sandbox analysis, Microsoft says.
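One way a defender could hunt for the delay behaviour described above, shown as an added example that is not from Microsoft or the original article: it flags choice.exe runs with a long /T timeout that descend from an Office application. The event field names, the Office-to-cmd.exe-to-choice.exe process chain, and the sample events are assumptions constructed for illustration.

```python
import re
from ntpath import basename  # parses Windows paths on any OS

OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe"}
TIMEOUT_RE = re.compile(r"/t\s+(\d+)", re.IGNORECASE)  # choice.exe /T <seconds>

# Constructed process-creation events (hypothetical field names, not campaign data).
SAMPLE_EVENTS = [
    {"pid": 100, "ppid": 1, "image": r"C:\Office16\WINWORD.EXE", "cmd": "WINWORD.EXE /n test.doc"},
    {"pid": 200, "ppid": 100, "image": r"C:\Windows\System32\cmd.exe", "cmd": "cmd.exe /c choice /C Y /N /D Y /T 20"},
    {"pid": 300, "ppid": 200, "image": r"C:\Windows\System32\choice.exe", "cmd": "choice /C Y /N /D Y /T 20"},
    {"pid": 400, "ppid": 1, "image": r"C:\Windows\System32\cmd.exe", "cmd": "cmd.exe /c backup.bat"},
    {"pid": 500, "ppid": 400, "image": r"C:\Windows\System32\choice.exe", "cmd": "choice /C YN /T 30 /D N"},
    {"pid": 600, "ppid": 100, "image": r"C:\Windows\System32\choice.exe", "cmd": "choice /C Y /D Y /T 2"},
]

def office_ancestor(pid, by_pid, max_hops=5):
    """Return the Office process name found in pid's ancestry, or None."""
    seen = set()
    for _ in range(max_hops):
        event = by_pid.get(pid)
        if event is None or pid in seen:  # chain ended or looped
            return None
        seen.add(pid)
        if basename(event["image"]).lower() in OFFICE_APPS:
            return basename(event["image"]).lower()
        pid = event["ppid"]
    return None

def find_delay_stalls(events, min_seconds=10):
    """Flag choice.exe runs with a long /T timeout descended from Office."""
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        if basename(e["image"]).lower() != "choice.exe":
            continue
        m = TIMEOUT_RE.search(e["cmd"])
        if not m or int(m.group(1)) < min_seconds:
            continue
        parent = office_ancestor(e["ppid"], by_pid)
        if parent:
            alerts.append((e["pid"], parent, int(m.group(1))))
    return alerts

if __name__ == "__main__":
    for alert in find_delay_stalls(SAMPLE_EVENTS):
        print(alert)
```

The batch-script use of choice.exe (pid 500) and the short 2-second timeout (pid 600) are not flagged at the default threshold, which keeps routine administrative use from generating alerts.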

"Microsoft Threat Protection shields customers from this and other COVID-19 themed campaigns. Office 365 ATP’s detonation technology detects the numerous attachments, and this signal is shared to Microsoft Defender ATP to block the files on endpoints," Microsoft added.

Trickbot malware can be a gateway to installing all kinds of payloads, including viruses, keyloggers, ransomware, and so forth. This latest iteration is essentially a phishing campaign. That's not surprising: there has been a massive rise in COVID-19 themed phishing scams, with Google saying it saw 18 million daily malware and phishing emails related to the virus in the last week alone.

Malware authors have also tried to spread their infections through Coronavirus tracking maps. It's a scummy thing to do, but regardless, everyone should take an extra bit of caution during these times. Smart computing habits are your best bet, which include things like not downloading and opening unexpected email attachments, typing web addresses directly into your browser, and being wary of what you download and where you download it from.