Hackers set up fake NHS website to spread malware

Another day another malware scams but this one is the lowest of the low.

Over the past few months, we’ve seen the rise of crooks using the COVID-19 crisis to their advantage. Some have been doing so through selling fake goods such as fake vaccines on the dark web whereas some have been using dedicated phishing and typosquatting campaigns in conjunction with trojans to lure innocent users.

One such incident of the latter has been discovered by the IT security firm Kaspersky. According to the company, hackers were impersonating the official website of the National Health Service (NHS) of the United Kingdom to spread malware infection. 

See: Dark web scammers selling ventilators & MP3 files to kill Coronavirus


They did it so by asking users to click certain malicious links once they visit the fake website to view health-related advice. These three hyperlinks are known to be the following:

  1. Advice about staying at home
  2. Use the 111 Coronavirus service
  3. How to avoid infection

Once the user clicks on them, instead of the information being provided, the user is asked to download a file named “COVID19” that is in actuality malware, more specifically an info-stealer trojan.

Hackers setup fake NHS website to spread malware
The fake NHS website

The info-stealing can then steal passwords; files from the victim’s PC; cookies, and payment information such as credit/debit card numbers from the victim’s browser. Moreover, cryptocurrency wallets can also be targeted.

Terming these developments that have happened since the outbreak, Kaspersky’s CEO has gone on to state that,

“Any attack made on a hospital at this time can be seen as equivalent to a terrorist attack.”

This is true keeping in mind how severe such attacks can be with hospitals currently severely short of resources.

Last month, the Department of Health and Human Services (HHS) in the United States and the Czech Republic’s second-largest hospital in Brno also suffered cyberattacks. The hospital was forced to shut down its operation due to the attack.

To conclude, in order to guard against the aforementioned attack vectors, users are recommended to only download files from reputable sources and also run an antivirus software simultaneously to scan them for malware.

Furthermore, great care should be taken to make sure one is visiting authentic websites. One can do this by not clicking on links in emails from unknown sources and also carefully checking the URL of the sites they visit. You can use platforms like VirusTotal to scan malicious files and websites These should be sufficient to keep you safe.

Did you enjoy reading this article? Kindly do like our page on Facebook and follow us on Twitter.

1 comment

Comments are closed.

Related Posts