Malware: in Italy almost 3000 sites that use coronavirus

On our blog, we have already covered the topic of malware in various ways, including in relation to the current health crisis affecting the whole world.

Palo Alto Networks has carried out research to investigate the issue related to cyber threats, in the weeks between 9 March and 26 April 2020.

Result? It seems that 1767 Covid-19 malicious domains were created every day. Of a total of 1.2 million domains created, more than 86,000 have been classified as “high risk” or “harmful”: this identifies the web portals that would expose users who visit them to malware infections, attempts phishing or “command & control” attacks.

The research showed that the country with the highest number of potentially harmful domains is the United States with over 29 thousand websites, Italy with 2,877 in second place and Germany with 2564 in third place. Russia with fourth place with 2,546 malicious websites.

If you compare the number recorded for Italy with that of the United States, which actually refer to all 50 states of the union, the number is extremely high.

As is obvious, the websites taken into consideration use sets of keywords that include all those that revolve around the coronavirus, therefore: “covid, covid19, covid-19, coronavirus, vaccine, pandemic, pandemic, and so on.

About 80% of the websites analyzed would lead users to be exposed to malware infections, while 20% to phishing attacks aimed at stealing sensitive data. 0.2% seems to be used instead for the command & control function: it is a malicious technique with which attackers maintain communications with compromised systems within a network after a computer virus has been downloaded.

On the sidelines of all this, it seems that almost all malicious sites are hosted on the main cloud space managers, naturally unaware of the story.