Cyber Crime

Dark Web: Hackers launch Coronavirus sale to sell hacking tools

Another day, another Coronavirus related scam, thanks to opportunistic cybercriminals. 

Amidst all the panic that has gripped every country due to the Coronavirus, we couldn’t possibly imagine people taking advantage of the vulnerabilities of others. Turns out though that this is untrue.

Amongst corporations inflating the prices of basic commodities and individuals hoarding household items, we have a specific group of cybercriminals that are knee bent on scamming unsuspecting users in a number of ways.

Discovered by researchers at Check Point; cybercriminals are offering special discount codes titled “COVID-19” or “Coronavirus” on their malicious tools so that potential attackers could be more inclined to buy them in these difficult times.

This inclination may come as a result of getting these goodies cheaply than one would in normal times, especially for those who may find themselves with a lot of free time due to the lockdowns. These sellers are advertising in different chatrooms to spread the word among potential buyers.


For example:

An example of one such chatroom: Check Point

NativeOne Products, the seller, in this case, is offering tools that can be used to bypass email services like Gmail and Outlook along with Google Chrome, a tool to “bypass WinDefender” and a file host for 1 month for any type of file regardless of if it is infected or not.

The prices for these differ as shown above and are also available in limited quantity. On the other hand, we also have sellers offering to do the job themselves.


An example is of a group named SSHacker which is willing to hack Facebook accounts for $300 but with a 15% discount of course.

While all of the above is indeed very unethical but believable, we also have certain attackers trying to sell physical products. An example is below of a marketplace on the dark web – only accessible by TOR – where a MacBook is being sold.

The seller has put out a “Corona Special Offer” reducing the price by a whole $200.

Nonetheless, it is important to realize that all of this is not only being done on the dark web. According to the researchers, 16000 domains related to coronavirus have been registered from the start of 2020.


Individual monthly statistics are shown in the chart below:


Although the vast majority of these are legitimate, some are fake websites created to infect users or attack them with methods such as phishing.

An example is this fake antivirus. We do have to blame the victims in this case too though (don’t book me for victim-blaming), who would think a piece of code could protect one from a living virus? Apparently, some people are very misinformed.


To conclude, some of these offers listed above are legitimate in the sense that they actually deliver what someone buys while some are only there to lure potential victims. Our first piece of advice would be to steer clear of such sellers entirely.

This is not only due to the sheer dehumanizing attitude portrayed through such business but also the risk that you may be falling into a trap and end up downloading malicious files or in other cases losing your money to receive nothing.

Secondly, avoid trusting any website unless it is a reputable one since you do not want to take any chances. No links or offers sent by strangers through email or any other medium should be trusted as well. Following these simple precautions will for sure help keep you safe.

To Top

Pin It on Pinterest

Share This