Earlier this week, social media giant Facebook announced that it would take down misinformation about the highly infectious coronavirus. The social network had been filled with hoaxes, wild conspiracy theories and even xenophobic posts that stoked anti-Chinese sentiment and fears. There were rumors that the virus had been the result of Chinese biological warfare or was the result of the Chinese eating bat soup.
“These lies can cause immediate and tangible harm to people, and the platforms must act to stop them from spreading,” House Energy and Commerce Committee Chairman Frank Pallone Jr. (D-N.J.) said in a statement to The Hill over the weekend.
This isn’t the first time that misinformation has gone viral on social media, but this time the various tech companies are looking to address it.
“With outbreaks such as the coronavirus or even influenza, it’s easy to think that more information is better,” explained Thomas LaVeist, dean of the School of Public Health and Tropical Medicine at Tulane University. “But it’s also too easy to spread misinformation and to stigmatize those in the midst of the outbreak.”
Fortunately, various social platforms have responded by including links to trusted sources, a move LaVeist applauded.
“In our communications, we routinely recommend that the public consult with reputable sources like the Centers for Disease Control and Prevention or the World Health Organization to access their carefully presented information drawn from boots-on-the-ground data and scientific fact,” LaVeist told ClearanceJobs. “Neither of these organizations has a stake in presenting the information with a sensational angle and provide ample statistics to back up their recommendations.”
Enter the Emotet Virus
Unfortunately it isn’t just misinformation that has been making the rounds on social media. This week security researchers at IBM and Kasperksy have warned that cybercriminals are using fake email messages and posts on social media to spread the Emotet Trojan, as well as other forms of malware.
Researchers at IBM X-Force have discovered emails that contain malicious Microsoft Word attachments and while these have so far been focused on Japan, there remains the risk that Emotet could spread as rapidly as coronavirus as people look for information online.
“In these first samples, Japanese victims were probably targeted due to their proximity to China,” explained an IBM researcher as reported by GovInfo Security. “Unfortunately, it is quite common for threat actors to exploit basic human emotions such as fear – especially if a global event has already caused terror and panic.”
The U.S. Cybersecurity and Infrastructure Security Agency has warned that it has seen a surge of targeted attacks involving Emotet, which began as a banking Trojan five years ago. Since then, its developers – or other cybercriminals – have added new functionality that makes it especially dangerous. Once a system is infected, Emotet uses that system to send out additional phishing emails to grow the botnet.
Emotet has the potential to go viral by posing as an email or social media post about a virus!
“Cyber criminals are taking advantage of the confusion and misinformation surrounding coronavirus,” warned Paul Bischoff, privacy advocate with Comparitech.
“If there is a lack of official, reliable information, people will go searching for answers in other places,” Bischoff told ClearanceJobs. “China’s lack of transparency about coronavirus gives criminals an opportunity to lure victims with fake reports and documents that contain malware.In most cases, links to these files will be spread by people in chat groups and emails.”
Whether by email, chat groups or social, everyone needs to take caution when seeking information about the coronavirus.
“The attackers social-engineering attack is spreading more and more,” suggested David Jemmett, CEO of Cerberus Sentinel.
“The email looks legitimate but once opened, the attachment reveals a Microsoft Word document containing an Office 365 message that instructs users to enable content,” Jemmett told ClearanceJobs. “Victims who comply unknowingly cause the campaign to run an obfuscated VBA macro script. This script opens PowerShell, which installs a downloader for the Emotettrojan in the background. Emotet will send copies of itself to the victim’s contacts. Those messages may also be coronavirus related.”
Businesses can protect against Emotet by implementing a spam filtering solution that incorporates a sandbox where malicious documents can be analyzed in safety to check for malicious actions explained Jemmett who added, “This strain of Emotet is commonly carrying the newest version of Trickbot, which uses a brand new UACbypass for Windows 10 machines called wsreset.exe.”
Jemmett told ClearanceJobs that users who fear they are infected with Emotet should download the Emocheck utility from the Japan CERT GitHub repository.
Morever, good safety habits should also be the first line of defense.
“The usual advice applies here: don’t click on links or attachments in unsolicited messages and emails,” added Bischoff. “Keep your software updated, and turn on your antivirus and firewall.”