Update COVID-19 Cybercrime

Update: COVID19 Cybercrime

During the COVID-19 crisis, our analysts are tracking open-source information sources to keep our followers up to date with COVID-19 Cybercrime. Today’s report:

  • ZDNet reports emails claiming to be from the leader of the World Health Organization are making the rounds in new phishingcampaigns designed to plant keyloggers on PCs.
  • SC Magazine reports that the cybercriminal gang behind Maze ransomwarehas been extorting a UK-based clinical research organization that’s been preparing to play a potential role in testing vaccine candidates for the novel coronavirus, despite assurances that they would not harm any health care organizations during the COVID-19 crisis.
  • Hackers have launched a distributed denial-of-service (DDoS) attack on Germany-based food delivery service Takeaway.com (Liefrando.de), according to a CISO MAG report. Attackers demanded two bitcoins (around US$11,000) in ransom to stop the attack. In DDoS attacks, hackers flood the target with useless traffic to inhibit the availability of services provided by the target.
  • The US Department of Justice on Saturday filed its first court action against a website operator accused of committing fraud to profit from the global COVID-19 pandemic according to InfoSecurity Magazine. A temporary restraining order was filed in a federal court in Austin against the operator of coronavirusmedicalkit.com, who allegedly offered fake coronavirus vaccines for sale in a shameless attempt to cash in on a health crisis that has killed 15,430 people.
  • State and federal law enforcement agencies in Virginia have created a new task force to deal specifically with the rising deluge of scams based around the COVID-19 outbreak.
  • An HHS.gov open redirect is currently being used by attackers to push malware payloads onto unsuspecting victims' systems with the help of coronavirus-themed phishing emails, according to Bleeping Computer.
  • Data Breach Today reports that TA505, a notorious cybercriminal group believed to be operating in Russia, is using business email compromise tactics to target Human Resources Departments, according to researchers from Prevailion, a security monitoring firm. In the campaign that Prevailion researchers examined, the cybercriminal gang began sending phishing emails impersonating job applicants that contained Trojanized versions of curriculum vitae files. The files contained commercially available malware that allowed the attackers to disguise their movements, steal data and credentials and gave them the ability to encrypt data.

We Can Secure Your Remote Infrastructure

IT managers must prioritize cybersecurity as they transition employees to work remotely. This massive shift in operations to a less secure home environment poses significant risks that must be managed.

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

Intelligence and Insights

pci dss compliance

Why PCI Standards Are Just the Starting Point for Securing Payment Data

While PCI DSS compliance offers a solid baseline, it is not an all-encompassing solution to build a proactive and resilient data security framework …
pci dss in the cloud

How to Achieve PCI Compliance in the Cloud as Security Controls Evolve

The integration of cloud services with PCI DSS compliance is particularly crucial for enterprises that handle sensitive payment card information …
Digital Forensics Investigation

What Are the 5 Stages of a Digital Forensics Investigation?

In this article, we delve deeply into the five stages of a digital forensics investigation and provide tips on how to select the right digital forensics company …