A few days ago, there is a piece of news spreading about Malware File called “Coronavirus“. WHO has declared Coronavirusa, an emergency of global concern on public health, where announced on BBC reports that the virus has more than 200 deaths until today.
The attacker has taken advantages of this incident to make phishing email that related to the Coronavirus outbreak that been huge talks around the world.
Source: IBM X-Force Threat Intelligence & bom on Twitter
As we can see the picture that been published by bom on Twitter, We can see an example of Japanese Email Emotet.
A report from IBM X-Force Threat Intelligence have explained like follows:
The subject of the emails, as well as the document filenames, are similar, but not identical, they are composed of different representations of the current date and the Japanese word for ‘notification’, in order to suggest urgency.
The Attacker will attach a file such as Microsoft Word that disguises as trying to give advice about the prevention of Coronavirus that been outbreak nowadays. As a result, people that curious will open the Word Document and content pop-up will appear where they will ask the victims to enable the function.
Once the victims enable it, malware infection will spread over the machine and network. However, that might not be the only motive that the attacker has in mind. They might include credential harvesting payload and might also include searching any private file payload that might be useful to them.
The recommendation for this attack would be an easy one like don’t open any unknown file that coming from malicious sender.