Coronavirus related cyberattacks surge by 260% during lockdown, Kerala most targeted: Report

While the number of coronavirus-related cyberattacks involving phishing emails and fake Android apps during the lockdown period jumped by 260% in India, Kerala recorded highest number of attacks, cybersecurity firm K7 Computing said Thursday.

Cases of phishing attacks were higher in tier - II and tier - III cities, the cybersecurity firm said in its Cyber Threat Report published today. K7 Computing blocked 250 attacks per 10,000 users in smaller cities. Users in Ghaziabad and Lucknow faced almost 6 and 4 times, respectively, more attacks than users in Bengaluru.

In Kerala, regions like Kottayam, Kannur, Kollam, and Kochi saw the highest hits with 462, 374, 236, and 147 attacks blocked per 10,000 users, respectively, while the entire state witnessed around 2,000 attacks.

The report shows huge gap between cases in Kerala and other states, but did not mention the rationale behind the disparity. For instance, Punjab saw only 207 attacks while Tamil Nadu reported 184 attacks.

“K7 Threat Labs observed a 260% increase in covid-19 related cyberthreats from the last week of March to the first week of April, which highlights the size of the opportunity created by the pandemic for cyber criminals,” J Kesavardhanan, founder & CEO of K7 Computing said in a statement.

Phishing emails was the most popular attack vector, the report highlighted. Emails with made up information on coronavirus were widely circulated in the name of trusted organisations. These emails had malicious link and attachments carrying ransomware, Remote Access Trojans, cryptominers, the study said.

Among other covid-19 related attacks, online maps tracking the pandemic with malicious code embedded within were also common. Also, rogue apps offering news and updates on the disease were widely circulated. In some cases, coronavirus tracking apps were infecting devices with ransomware and demanding payment to decrypt it.

After Google and Apple began cracking down on any apps that were giving information on coronavirus in March, attackers have taken other routes like third party app stores. K7 Computing found, that many Android users were tricked by an SMS Trojan which asked them to install an app named CoronaSafetyMask to receive safety masks. Another Android file named Corona Virus.apk, was being circulated in the name of giving information on the virus was being spread through phishing links.