Skip to main content

Fake NHS website used to distribute stealer Trojan

(Image credit: Image Credit: Christiaan Colen / Flickr)

In the latest coronavirus-related cyberattack, hackers have created a fake version of the NHS website capable of injecting malware and harvesting personal data.

Cybersecurity researchers from Kaspersky identified the fraudulent site, which claims to offer downloadable advice surrounding the ongoing pandemic.

The available download, however, infects the user with a stealer trojan that scrapes the machine for passwords, credit card data and other files. The malware also targets cookies and information relating to cryptocurrency wallets.

The trojan, once present on the device, can also be manipulated by the hacker to trigger further malware downloads.

While the volume of cyberattacks has not increased during the pandemic, criminals have switched resources to prey on inexperienced remote workers and those looking for information about the virus.

Experts have identified numerous phishing campaigns and DDoS attacks, as well as coronavirus-themed malware that “trashes a PC”.

Quarantine measures have also seen hackers set their sights on video conferencing service Zoom, the popularity of which has exploded in recent weeks.