The covid-19 pandemic has created a gold mine for cybercriminals trying to woo unsuspecting buyers with so-called cures and preventive medicines that actually are just anything from amphetamines to marijuana and cost anywhere between $99 and $25,000.
Cybersecurity researchers have discovered several marketplaces on the dark web where some of these so-called cures, including fake covid-19 vaccines, are up for sale.
The dark web is the World Wide Web content that exists on darknets, overlay networks that use the internet but require specific software, configurations, or authorization to access, making it easier for users to hide their identities. As such, these become an ideal hunting ground for criminals.
Most of these scams are done through social media platforms and blogs, and were initially targeted at European internet users, said Kumar Ritesh, founder and chief executive at Cyfirma, a threat discovery and cyber intelligence platform. “It started around early April with independent websites popping up on the dark web in languages targeting Italian and French users. However, over the past couple of days, they have started popping up in inboxes of US-based users and, according to historical trends, India won’t be far behind,” said Ritesh. Users who visit these platforms either end up spending on a product that will never be delivered or, worse, download malicious software that can track their activities and steal personal information such as passwords, Ritesh said.
Social media platforms such as Facebook, Twitter and Google have taken measures to ensure that World Health Organization and Indian Council of Medical Research links are displayed on these sites to avoid misinformation. Yet, cybercriminals have been successful in bypassing the safety measures, typically, by posting malicious links on chats, blogs and public forums to target victims, said experts.
Experts have also found instances of covid-19 home testing kits being sold illegally. Some marketplaces on the dark web have restricted the sale of fake vaccines for covid-19 on their platforms and disabled malicious users. However, cybercriminals have managed to create independent websites with alarming regularity, said experts. Cyfirma says personal information provided to buy these fake vaccines could be used for the next wave of cyberattacks.
The hackers are from North Korea, Italy, Spain, France, and the US, with payments made via bitcoins, according to the Cyfirma report.
“These attacks are very well crafted,’’ said Himanshu Dubey, director, Quick Heal Security Labs.
“In the past two months, we have detected around 50,000 malicious URLs and 40,000 malware, which can end up giving access to information stealers, being peddled under the guise of covid-19 information. The new internet population of users is particularly vulnerable to these requests especially as they come embedded in authentic stories,” Dubey said.
Even a 0.5% success rate for the scammers is enough to cause damage, said Dubey.
Catch all the Business News , Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
MoreLess