Site icon LIFARS, a SecurityScorecard company

Threat actors exploiting the novel corona virus epidemic (COVID-19)

Threat actors exploiting the novel corona virus epidemic (COVID-19)

Threat actors exploiting the novel corona virus epidemic (COVID-19)

As the WHO has declared COVID-19 to be a global pandemic, we have seen a large increase in the exploitation of this theme by threat actors, cybercriminals and nation-state alike, to attack networks and users.

At LIFARS, we have, so far, seen three main “themes”:

When the vector is an email, we have seen either a link or an attached document, often a Word document. The link opens a site that installs or runs malicious code on the computer, the document exploits a vulnerability, which results in the download and execution of malicious code. From official reports, it seems the threat actors also exploit the COVID-19 theme to distribute malware applications for mobile devices using the official Play Store and Apple Store.

Once the link is clicked or the document opened, based on our recent cases, either a ransomware or a data stealer malware is started. In most cases, we have seen Trickbot being deployed, however, there are reports of other tools being used as well.

In the last few days, we have also seen an increase in the wire fraud attempts with the cybercriminals requesting a donation for the victims or pretending to be able to provide goods not available somewhere else, such as medications or vaccines.

How to prevent an infection

As usual: be smart. Anything that plays on the urgency, has over-dramatic tones, or claims to reveal a truth hidden from the public is to be considered as suspicious. In the same way, any communication that prompts you to open a document “that contains important information” or to click on a link should be considered as a threat.

Before opening a document attached to an email or clicking on a link, follow this routine.

What if you open one of these?

Do not panic and, more importantly, do not try to fix the issue yourself: call your IT department for help and let them know that you think your machine has been compromised. Do not turn off your computer thinking that it will solve the issue.

 

LIFARS Can Help You During Prevent Infection

Invest in LIFARS The Daily TRUTH

To Learn More, Contact Us Today!

 

Exit mobile version