Spread Malware with fake Coronavirus info App
As the coronavirus or COVID-19 fears continuously growing among the people all over the world, Hackers too are finding new ways to exploit that fear. In the last few weeks, a new malicious campaign by the cyber criminals is noticed where they are hijacking the DNS records and use it spread Trojans, and malicious malwares.
Also Read the following:
This malware or malicious script is specially designed to get the confidential information of the victim’s device. However, one can be safe just by following few precautionary measures which we will explain later on in this article.
How Hackers Spread Malware with fake Coronavirus info App?
DNS Hijacking attacks by cyber criminals aims to collect the confidential information of the targeted device by spreading the malware in which the targeted computer start bleeping and give an alert on the victim’s computer. That was done by the hackers using DNS hijacking attacks.
This dangerous malware attack comes into notice after several computer users complaining about the random alerts on their devices to download the fake Coronavirus or COVID-19 app to get the latest information and useful instruction about the coronavirus (COVID-19).
A deep investigation in these cases find out that these types of notification in the victim’s computer is a part of organized hacking campaigns run by the hackers by interfering within the DNS server configuration.
However, till now it is not yet clears that how hackers are getting information about the routers of their targets. But if they succeed, they can easily change DNS servers to 188.8.131.52 and 184.108.40.206. Now, if the victim connects to a network, he/she gets the fake coronavirus alert as shown below in the picture because the DNS configuration has already modified by the hackers.
As the victim see this kind of alert in the browser which seems to be from authorized organizations such as from WHO, it would encourage the user to download the app and if the target comes in the trap of hacker, the device comes in the control of the hackers.
How to Prevent from these fake COVID-19 app
When the user is asked to download the fake coronavirus app, he should avoid it and close it out. But it might sometime is still annoying and starts comes again and again in your screen. To avoid these circumstances, there is a simple solution.
You should log in the admin of the router and check out the appearance of 220.127.116.11 and 18.104.22.168 servers. If these DNS are not available here, you are completely safe but if there is an appearance of those DNS servers than set the DNS servers to “Automatic” or assigned the ISP manually.
Now, save the configuration of the router and reboot the router, the new DNS setting will become active.