Palo Alto Networks Unit 42: There have been a 656% increase in the average daily coronavirus-related domain name registrations from February to March. In this timeframe, a 569% growth in malicious registrations, including malware and phishing

Cybercrime continue to use coronavirus as one of the best lure/weapon to earn profits. Palo Alto Networks Unit 42 cyber security researchers observed a 656% increase in the average daily coronavirus-related domain name registrations from February to March. In this timeframe, they witness a 569% growth in malicious registrations, including malware and phishing; and a 788% growth in “high-risk” registrations, including scams, unauthorized coin mining, and domains that have evidence of association with malicious URLs within the domain or utilization of bulletproof hosting. As of the end of March, they identified 116,357 covid-19 related newly registered domain names. Out of these, 2,022 are malicious and 40,261 are “high-risk”. While many domains are registered to be resold for a profit, a significant fraction of them are used for both well-known malicious activities as well as for fraudulent shops selling items in short supply. 

The cyber security experts: The traditional cybercrime abusing covid-19 trends includes domains hosting malware, phishing sites, fraudulent sites, malvertising, cryptomining, and black hat SEO

According to the cyber security experts, the traditional cybercrime abusing coronavirus trends includes domains hosting malware, phishing sites, fraudulent sites, malvertising, cryptomining, and black hat Search Engine Optimization (SEO) for improving search rankings of unethical websites. Interestingly, although many webshops that use newly registered domains try to scam users, researchers detected an especially unethical cluster of domains capitalizing on users’ fear of covid-19 to further frighten them into buying their products. Moreover, they discovered a group of coronavirus-themed domains, which now serve parked pages with high-risk JavaScript that may at any time start redirecting users to malicious content.