Report: Cyber Criminals Continue to Benefit from COVID-19

Avira warns of cyber-attacks that lure users with "COVID-19" and "Corona" in annual threat report.


San Jose, Calif., Jan. 13, 2021 (GLOBE NEWSWIRE) -- According to Avira's 2020 Report on Cybersecurity, cyber criminals benefited greatly from COVID-19. With a world eager for information, malware authors developed a wide variety of strategies to exploit users’ fears and need for answers around the virus, from malware which enables cyber attackers to read credit card data to vaccine based scams targeting the elderly in order to gain access to personal payment data. Overall, cyber-attacks increased by 15% worldwide compared to 2019. Further the rate of scams overall rose and fell at the same rate and time as the virus appeared across the world.  

"For many years, authors of malware have been using psychological tricks to lure unsuspecting users," said Alexander Vukcevic, Director of Avira Protection Labs. "Currently, we are in a situation where many people are looking for answers and are worried because of COVID-19. The authors of malware are specifically exploiting this uncertainty.” 

 Since the beginning of the pandemic, special variants of well-known malware families have emerged to trap unsuspecting users with the catchphrase "Corona" or "COVID-19". 

 

Banking Trojan "Cerberus" lures with "Corona  

One example of this is a variant of the Android banking Trojan "Cerberus", which is often distributed under the name "Corona-Apps.apk" via phishing campaigns. The keyword "Corona" is intended to entice Android users to install the Trojan on their smartphone. 

According to the Avira report, the number of Android banking Trojans detected in 2020 increased by 35 percentage points compared to the previous year, which is due in part to increased mobile banking activities this year. 

"Banking Trojans have always played an important role in the Android malware scene and this year they had an even bigger presence. In addition to the strategy of using COVID-19 as a cover, they also use the classic approach: they disguise themselves as a widely used app and ask for unusual permissions in order to obtain credit card data, for example," Vukcevic said. 

 

COVID-19 as a driver for cyber attacks 

Overall, Avira Protection Labs recorded an increase in malware attacks of around 15% compared to 2019 with a significant increase particularly in the first and last months of 2020. 

Interestingly, the number of all cyber-attacks blocked by Avira increased this year at the same rate as the pandemic spread. During the first wave of the pandemic in April, the number of malware attacks also reached its first peak. As the scale of the pandemic diminished in the summer, so did the number of attacks. Since the beginning of the second wave in October, the number of malware attacks has been rising rapidly again. There would appear to be a direct correlation between the number of attacks and the number of people working from home, this may be down to cybercriminals knowing that people are often more vulnerable to certain types of attacks when away from a secure office environment. 

Increasing threat in 2021: Stalkerware  

Another malware that actively camouflages itself and, according to Avira, will become increasingly important in the coming year is stalkerware. Apps that are detected as stalkerware are a type of spyware that can endanger the privacy of users and the security of the system. These spy apps can be installed without the knowledge or consent of the device owner, to secretly monitor them and spy on personal information such as pictures, videos, messages and location data. To disguise their activities, they use a stealth mode that allows the app to run invisibly in the background. 

Due to the increasing activity of stalkerware apps in the Android environment, Avira is an active member in the Coalition Against Stalkerware to support their fight against this threat. 

More information and an analysis of a typical stalkerware app is available in this blog article. 

 

The Avira Annual Threat Report 2020 is available here: https://www.avira.com/en/state-of-cybersecurity-2020 

More information and tips for safe online banking and shopping are available at the following link: https://www.avira.com/en/avira-annual-report-2020 

 

### 

About Avira 

Avira provides a consumer-focused portfolio of security and privacy solutions for Windows, Mac, Android and iOS, home networks, and smart devices (IoT). All Avira features are available as licensed SDKs and APIs. Working together, Avira and its partners protect more than 500 million devices globally. Avira solutions consistently achieve best-in-class results from independent security tests.  

Avira is headquartered near Lake Constance, Germany, with additional offices in the EU, the United States, and Asia. For more information about Avira visit www.avira.com. 

Attachments

 
This graph shows Android banking trojan detections increased by 35 percentage point from 2019 to 2020. This comparative timeline shows the number of prevented attacks globally in 2019 vs 2020.

Contact Data