Fake “Corona Antivirus” distributes BlackNET backdoor (Remote Administration Tool).
What is Corona Antivirus?
Corona Antivirus by antivirus-covid19 can be correctly summarized as a BlackNET Backdoor.
Corona Antivirus is a BlackNET Backdoor. I found this scam via a website (antivirus-covid19.site) advertising “Corona Antivirus -World’s best protection.” That’s funny, cyber criminals are trying to get you to install a computer antivirus that supposedly protects against the actual COVID-19 virus infecting people.
Corona antivirus: 100% fake
Corona Antivirus Technical Summary.
| Name | Corona Antivirus |
| Vendor | antivirus-covid19 |
| Type | BlackNET Backdoor |
| Detection Name | Backdoor.BlackNet |
| Short Description | BlackNET Backdoor. Developed by antivirus-covid19.site and targeted at Windows OS. |
| Distribution Method | Spam |
| Files | update.exe |
Typical channels for Corona Antivirus infiltration.
There is a chance to download and install Corona Antivirus directly from its main websites, nevertheless, I really doubt that this will certainly be your choice. Most often, the application is spread out through intrusive advertisements produced by some adware, or via bundling with other free programs, whereas the information concerning the extra software is often not completely disclosed.
Thus, it is compulsory that you completely take a look at the license agreements and installation milestones during the setup steps of any kind of free program downloaded and install online.
If you have a choice to choose the “Advanced” or “Custom” installation then ensure you use this option to stop unauthorized installations.
Upon installing Corona Antivirus, your PC will be infected with backdoor. The file, packed with the commercial packer Themida turns your computer into a botnet. And now your device ready to receive commands from criminals:
instaboom-hello[.]site/connection.php instaboom-hello[.]site/getCommand.php instaboom-hello[.]site/receive.php
The C&C Server of Corona Antivirus placed at instaboom-hello[.]site reveals the control panel for the BlackNET botnet.
How to remove Corona Antivirus Backdoor?
Unwanted application has ofter come with other viruses and spyware. This threats can steal account credentials, or crypt your documents for ransom.
Reasons why I would recommend GridinSoft1
Run the setup file.
Press “Install” button.
Once installed, Anti-Malware will automatically run.
Wait for the Anti-Malware scan to complete.
Click on “Clean Now”.
Are Your Protected?
If the guide doesn’t help you to remove Corona Antivirus Backdoor you can always ask me in the comments for getting help.
Never heard of thous acronyms and don know what they mean.