In a year plagued by the coronavirus and the many cyber security risks related to it, this had to happen—an array of hackers and dark web thieves playing on the upcoming vaccine promises to prey on unsuspecting netizens. So much so that law enforcement agencies and cyber security experts are now warning of, and bracing for, an avalanche of cyber crimes themed around the vaccine.
Even as vaccines from the likes of Pfizer and AstraZeneca are in various stages of reaching the masses—Pfizer's has already been approved in countries like the UK, the US and Singapore, while others are also into the final stages of trials and approvals—the internet is awash with coronavirus vaccines and 'remedies' for sale.
Last month, more than 1,000 websites containing the word 'vaccine' was registered—the number is equivalent to the previous three months combined. The rise in number has been virtually parallel to the news of successful clinical trials.
The issue has been so vexing, even in a year that has seen covid-related phishing and trojan attacks reach an all-time high, that Europol, the European version of Interpol, has already sounded a warning on vaccine-related crime during the pandemic.
An in depth study by CheckPoint, a global leader in cyber security, has found that the coronavirus vaccine was being offered on the dark web for bitcoins. While one online site was selling the vaccine for around $300 and said 14 shots were required (official reports of approved vaccines like Pfizer's call for double dosage only, three weeks apart.), there were many others selling 'remedies' like Chloroquine for just $10, presumably selling Hydroxychloroquine, a Malaria medicine that was touted as a cure for Covid-19 in some quarters.
Vaccine-related news and information were also being used as a bait for major phishing and trojan attack campaigns, it was found. This included emails with .exe attachments that purportedly offered information on Covid vaccines, as well as Agent Tesla, a malicious software disguised in emails as 'Covid-19 vaccine brief summary.' Agent Tesla is a malware that is capable of monitoring and recording the victim's keyboard inputs (including passwords), takes screenshots and steals log-in credentials from a user's computer, once it gains entry.
