Cybercriminals Weaponize CoronaVirus Global Tragedy for Cash

Media Release:

IT is now a global health emergency, the 2019 Novel CoronaVirus (2019 n-CoV) Acute Respiratory Disease (ARD) as declared by the World Health Organization (WHO).

In the Philippines after weeks of having no case of the deadly 2019 n-CoV ARD, the Department of Health (DOH) has acknowledged the cases of so far two n-CoV cases.

Also, the DOH announced the first death in the Philippines due to the incurable Wuhan, China, disease, a Chinese citizen.

As might be expected, the coronavirus tragedy has reached the web.

Kaspersky detection technologies have found malicious files disguised as documents related to the newly discovered coronavirus – a virus disease which has been at the top of media headlines due to its dangerous nature.  

The discovered malicious files were masked under the guise of pdf, mp4, docx files about the coronavirus, of which their file names may imply that they contain video instructions on how to protect yourself from the virus, updates on the threat and even virus detection procedures, which is not actually the case.

In fact, these files contained a range of threats from Trojans to worms which are capable of destroying, blocking, modifying or copying data, as well as interfering with the operation of computers or computer networks. 

Cybercriminals, Weaponize, CoronaVirus, Global Tragedy, for Cash

“The coronavirus, which is being widely discussed as a major news story, has already been used as bait by cybercriminals. So far we have seen only 10 unique files, but as this sort of activity often happens with popular media topics then we expect that this tendency may grow.

“As people continue to be worried for their health, we may see more and more malware hidden inside fake documents about the coronavirus being spread,” comments Anton Ivanov, Kaspersky malware analyst.

Kaspersky products detect “coronavirus” related malicious files with the following detection names:




Trojan.WinLNK.Agent. gg




To avoid falling victim to malicious programs pretending to be exclusive content, Kaspersky recommends taking the following steps:

  • Try to avoid suspicious links, promising exclusive content. Refer to official sources for trustworthy and legitimate information.

  • Look at the downloaded file extension. Documents and video files should not have been made either .exe or .lnk formats.

  • Use a reliable security solution, such as Kaspersky Security Cloud, for comprehensive protection from a wide range of threats. 

About Kaspersky

Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at


Don't be shy, comments are welcome! Thank you.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: