As we’ve covered before, hackers are using the coronavirus panic to spread their wares. Phishing is included in the hackers’ tools of the trade, so they’re always in need of more websites to fool people with.
Recently, there were reports of scammers buying up domains related to the COVID-19 panic. There’s also evidence that hackers are selling their programs with coronavirus-related discounts to help aspiring scammers get started.
What Kind of Domains Were Made?
Check Point has made a statement that 6,000 new coronavirus-related domains were registered in the last week alone. This is an 85 percent increase from the previous week, which reveals a clear surge in domain registration interest.
It’s only natural to assume that well-meaning coronavirus-related domains are being snapped up; after all, there are plenty of legitimate reasons why an individual or organization would register one. However, things get a little shadier once you learn that coronavirus-themed domains are 50 percent more likely to lead to malicious content than other domain types.
Check Point did some research into these domains. They found that 0.8 percent of them were very clearly malicious, while 19 percent more were suspicious. As such, around 1 in 5 coronavirus-related domain name harbors shady activity.
Hackers aren’t just attacking coronavirus-related domains, however. They’re also monitoring the spike in usage of specific websites and services and attacking those domains, too.
For example, people are flocking to the video-conferencing service Zoom to get their remote work done. As such, hackers are creating malicious Zoom domains to trick others into downloading malicious software. Google Classroom also suffered some attacks as scammers created domain names similar to the real thing.
What Hacking-Related Sales Are Being Made?
Hackers aren’t just buying up domain names, however. They’re also selling tools and services that allow budding hackers to attack victims more efficiently.
Some malicious program vendors are allowing customers to enter the discount code “COVID-19” or “coronavirus” to get a discount. One vendor gave a “coronavirus discount” on all their goods when a code was used. These goods included file hosting with no antivirus scans for storing malicious code as well as .ZIP files that can get through Gmail’s security measures.
Another hacker on the dark web has put their Facebook account cracking services on sale for others to use. If a patron uses the code “COVID-19,” they will get a $15 discount on a single Facebook account crack.
Why Is this Happening?
The increase in coronavirus-related domains has a pretty obvious reason behind it. As people look for lockdown-related products and services, hackers want to be the first in line to trick people into downloading their wares.
As for the discount sales on malicious tools, this is presumably a response to the increase of interest in hacking. This may be due to people with technical expertise finding themselves out of a job or education.
As they struggle to pay off bills and buy groceries, they turn to scams to make ends meet. Malware developers put their wares on sale to attract these newcomers to purchase their products.
A New Domain of Scams and Malicious Activity
As the coronavirus escalates around the world, hackers have also stepped up their game. With so many people now online and working from home, scammers have registered coronavirus and Zoom-related domain names to catch people unaware. At the same time, they’re helping new cybercriminals with coronavirus-based sales on tools.