Cybercriminals were quick to exploit the coronavirus crisis for their malicious attacks, including phishing, malware infections, and the likes, and it did not take long for state-sponsored threat actors to join the fray.
In addition to banking Trojans targeting enterprise workers and information-stealing malware aimed at multiple industries, which only steal victims’ information, miscreants are also disseminating destructive threats, such as the newly observed wiper.
When executed, the malware drops a series of helper files inside a temporary folder, including a BAT file that identifies itself as “coronovirus Installer,” and which is responsible for most of the setup work.