Fake Covid-19 Vaccine Flooded On Dark Web

With several countries including the US and the UK now approving the use of Pfizer-BioNTech’s Covid-19 vaccine, cybercriminals have not left this opportunity to scam people on the dark web, said a report from cybersecurity firm Check Point.

Hundreds of domains on the dark web are claiming to sell Covid-19 ‘Vaccines’ for as high as $250.

There have been extensive advertisements of the fake Covid vaccines with luring headlines such as:

“available corona virus vaccine $250″



“All of the vendors we found insist on payment in bitcoin, as it minimizes the chance of them being traced, casting further doubt on the authenticity of the medicines they are selling. In communications with one vendor, they offered to sell an unspecified Covid-19 vaccine for 0.01 BTC (around $300) and claimed that 14 doses were required. This advice contradicts official announcements which state that some Covid vaccines require two shots, given 3 weeks apart, per person.”

Cybersecurity Firm Check Point

1k+ New Domains

Check Point researchers also warned that positive news about vaccine trials in November and imminent availability also led to a surge in new web domains that relate to Covid-19 or vaccines being registered.

“Our data shows that since the beginning of November there were 1,062 new domains which contain the word ‘vaccine’ that were registered, out of which 400 also contain ‘covid’ or ‘corona’. Six of these sites were found to be ‘suspicious'”

Check Point

A recent email campaign detected by Check Point Research contained the subject “pfizer’s Covid vaccine: 11 things you need to know” (in English and Spanish) and contained a malicious executable file named “Covid-19 vaccine brief summary.exe”, which has been detected as Agent Tesla. Agent Tesla is an advanced RAT functioning as a keylogger and information stealer capable of monitoring and collecting the victim’s keyboard input, system clipboard, taking screenshots, and exfiltrating credentials belonging to of a variety of software installed on a victim’s machine, including Google Chrome, Mozilla Firefox and Microsoft Outlook email client.

So, the next time you see such an email, be an informed citizen and report it as SPAM.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button