COVID-19 Threat Update: Dark Web Now Offering Blood for Sale

Although the use of global events as a vehicle to drive digital crime is hardly surprising, the current outbreak of COVID-19 has revealed a multitude of vectors, including one in particular that is somewhat out of the ordinary. In a sea of offers for face masks, a recent posting on a dark web forum reveals the sale of blood from an individual claiming to have recovered from Coronavirus.

In March 2020 alone, McAfee Labs identified several malicious Android applications abusing keywords connected to the pandemic. The apps range from ransomware samples to spy-agents that spy on the victim’s device. For example, statically analyzing an app called “Corona Safety Mask,” we observe that the amount of permissions is suspicious:

• Full Internet access that allows the app to create network sockets
• Read contact data from the victim’s device
• Send SMS messages

When the user downloads the app, it can order a facemask from the following site: “coronasafetymask.tk.” The SMS send permission is abused to send the scam to the victim’s contact list.

Read more at McAfee

Homeland Security Today

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

See Full Bio