Will Baggett, a cybersecurity consultant in Atlanta, tells WSB that tech firm Reason Labs has already found infected coronavirus maps online.
"It's a heat map of the coronavirus spread, mirrored from the Johns Hopkins [University] site, but the back end of the site loads malware so they can access your e-mail accounts and your bank accounts," Baggett tells WSB. "The malicious site has code to pull in the real map."
The nasty program can also snatch passwords, usernames, cookies, and other information stored in a web browser.
Baggett says the hackers may be spreading it with spam e-mails, and they are also using simple attachments.
"Traditional Word document attacks that we've seen since the '90s are back," he says.
There have also been Android apps which look like the maps, but those fake trackers lock up a phone and demand a bitcoin ransom to free it.
Details from Krebs on Security say that late last month, someone on several Russian language cybercrime forums started selling a digital Coronavirus infection kit that claims to mirror the real-time data of the and interactive nature of the Johns Hopkins map, and can also go viral to their friends when users grab it.
"It's very simple to set up malware with a cloned image of something that looks desirable," Baggett says. "People want to know where this virus is spreading."
Baggett warns that self-quarantining telecommuters could be more at risk, because people working from home may be without the advanced firewall protections of their offices. He noted that a company he's consulting for has software that was catching this malware as employees clicked on things--but at home, workers may not be looped into that.
"The corporate network keeps their anti-virus up to date on a regular basis. The home network people don't do that," Baggett says. "They're avoiding the physical virus, but they're vulnerable to the electronic virus."
He notes that as long as this pandemic is in the headlines, this won't go away, and employees may ultimately be putting their employers' systems at risk.
"These are going to be constant threats as more people work from home until the crisis passes," says Baggett.