Hackers Attempt to Exploit Coronavirus Panic Reaches New Heights

Last updated: April 23, 2020 by CountryVPNs

hackers exploiting Coronavirus

“Coronavirus maps to people’s email addresses and their phone numbers, nothing is safe if you aren’t careful enough”


Coronavirus has turned the world upside down. It has proven to be such a disaster that even WHO has declared it a global pandemic. Its magnitude is so massive that some people believe it to be a conspiracy i.e., reduction of the growing population.

Some people believe Coronavirus is triggered by the Chinese government to reduce the world’s population.

twitter 1

While others say that Coronavirus is some foul play by China to use against the USA.

twitter 2

It might be challenging to say exactly what triggered this pandemic, or is it just another epidemic without any cure. But amidst all this panic, hackers are taking advantage of it.

As every person with a smartphone is searching for Coronavirus on Google, they are clicking everywhere to find information. And there is too much misinformation related to Coronavirus.

For instance, take a look at this map that shows the area with the maximum number of people and death tolls because of the Coronavirus. This interactive map was created by students from John Hopkins University to show Corona-affected countries.

coronavirus map

This is concrete information for millions of people who are on the verge of being affected by this disease. But hackers are creating copies of this map to steal data. When a person clicks on such a rogue map, cyberattackers can get access to his laptop, mobile phone, or any device that he is using.

This is the reason why you must be wary about clicking or downloading such maps. Furthermore, there is an increase in phishing attacks as well. Hackers are sending hoax emails to their users and offering solutions for Coronavirus disease.

But hackers are exploiting people to click on Coronavirus solution and access their private data. If you have clicked on a similar-looking email like the one mentioned below, then you might be a victim of a phishing attack.

phishing email

Many people will click on this email without even thinking. As Coronavirus is becoming more common, people are searching for a cure or a solution before they get infected. And Cyberattackers are benefitting from this Corona-driven panic and started sending thousands of these phishing scams.

Moreover, hackers are also trying to get people’s personal information through phone calls. Under the guise of medical authorities inquiring about their personal information for Coronavirus quarantine purpose, hackers are trying to purloin people’s personal data to use it for their wicked activities.

tweet related to phishing call

snap of phishing call

These are a few ways how hackers are targeting millions of people and benefitting from the Coronavirus pandemic.

High-Risk Domains

According to an estimate, hackers are launching a large number of malicious websites that are used to steal information. In this way, hackers are trying to make money out of this Corona pandemic.

As people are buying Corona-related domains, it is highly likely that hackers are also registering such domains to steal data. Some of the most dangerous domains that you must never click on as per Recorded Future’s director of operation outcomes Lindsay Kaye are:

  • coronavirusstatus[.]space
  • coronavirus-map[.]com
  • canalcero[.]digital
  • coronavirus[.]zone
  • coronavirus-realtime[.]com
  • coronavirus[.]app
  • coronavirusaware[.]xyz
  • coronavirusaware[.]xyz

 AZORult Malware Map        

Cyberattackers are using AZORult, a 4-years old malicious program, in Coronavirus maps to steal your data. Hackers are using Coronavirus maps just like the ones created by John Hopkins University students that describe the tally of people suffering from the Coronavirus and affected countries.

However, this Coronavirus map is backed by malicious software, named AZORult, which is used to steal credit card information, passwords, and browsing history. 

Also, there is an extension to AZORult malicious maps that can allow hackers to access your device anytime they want with the help of the Remote Desktop Protocol (RDP).

This is a picture of the backend features of AZORult malware. Watch how the bits are missing in the red section, and this is the payload. Such types of payloads are entered in your device by the hackers so they can use them anytime to get access to your private data.

Azorult coding

Furthermore, many Russian cybercrime forums are selling AZORult, a Coronavirus infection kit that uses a John Hopkins interactive map to launch a Java-based malware attack on people. This malicious Coronavirus map is entirely interactive and shows real-time data generated from WHO (World Health Organization). 

This is how a Coronavirus malware kit works

When a user clicks on this Coronavirus-infected map, it opens a detailed map that people will use and quickly spread it to their friends and family members as well.

The loader loads .jar files that have a fully interactive Coronavirus map and a payload, which consists of a separate loader. The payload can be loaded before or after the malicious Coronavirus map is downloaded. That’s how a hacker gets access to your device by using a payload.

How to prevent a Malicious Attack and protect yourself from getting conned by the hackers?

As hackers are trying to search for cryptocurrency passwords, specifically, it is better to protect your device with rock-solid security. In times of such great panic, people will try to explore every bit of information to tackle the Coronavirus.

However, you need to ensure that you are protecting your digital life as well. To prevent malware attacks, you can use anti-malware software or VPNs to spoof your IP address and add an extra layer of protection against cyberattacks.

If you want to read about the best VPNs to use in different countries, you should read it here about top vpn for indonesia, top vpn for singapore, top vpn for vietnam, and more.



“CountryVPNs”, is an information privacy, security, and anti-censorship source fighting to take down virtual borders on the global cyberspace.

Leave a Reply

Your email address will not be published. Required fields are marked *