Update COVID-19 Cybercrime

Update: COVID19 Cybercrime

During the COVID-19 crisis, our analysts are tracking open-source information sources to keep our followers up to date with COVID-19 Cybercrime. Today’s report:

  • ZDNet reports emails claiming to be from the leader of the World Health Organization are making the rounds in new phishingcampaigns designed to plant keyloggers on PCs.
  • SC Magazine reports that the cybercriminal gang behind Maze ransomwarehas been extorting a UK-based clinical research organization that’s been preparing to play a potential role in testing vaccine candidates for the novel coronavirus, despite assurances that they would not harm any health care organizations during the COVID-19 crisis.
  • Hackers have launched a distributed denial-of-service (DDoS) attack on Germany-based food delivery service Takeaway.com (Liefrando.de), according to a CISO MAG report. Attackers demanded two bitcoins (around US$11,000) in ransom to stop the attack. In DDoS attacks, hackers flood the target with useless traffic to inhibit the availability of services provided by the target.
  • The US Department of Justice on Saturday filed its first court action against a website operator accused of committing fraud to profit from the global COVID-19 pandemic according to InfoSecurity Magazine. A temporary restraining order was filed in a federal court in Austin against the operator of coronavirusmedicalkit.com, who allegedly offered fake coronavirus vaccines for sale in a shameless attempt to cash in on a health crisis that has killed 15,430 people.
  • State and federal law enforcement agencies in Virginia have created a new task force to deal specifically with the rising deluge of scams based around the COVID-19 outbreak.
  • An HHS.gov open redirect is currently being used by attackers to push malware payloads onto unsuspecting victims' systems with the help of coronavirus-themed phishing emails, according to Bleeping Computer.
  • Data Breach Today reports that TA505, a notorious cybercriminal group believed to be operating in Russia, is using business email compromise tactics to target Human Resources Departments, according to researchers from Prevailion, a security monitoring firm. In the campaign that Prevailion researchers examined, the cybercriminal gang began sending phishing emails impersonating job applicants that contained Trojanized versions of curriculum vitae files. The files contained commercially available malware that allowed the attackers to disguise their movements, steal data and credentials and gave them the ability to encrypt data.

We Can Secure Your Remote Infrastructure

IT managers must prioritize cybersecurity as they transition employees to work remotely. This massive shift in operations to a less secure home environment poses significant risks that must be managed.

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

Intelligence and Insights

log management

How A Log Management Assessment Can Prepare Your Organization for a Cyber Attack

This article delves into the significance of log analysis in a forensic readiness assessment and outlines best practices for organizations to optimize their log management strategies …
Business Impact Assessments

Importance of Business Impact Assessments

In the event of a data breach, Business Impact Assessments will help your organization prioritize recovery steps and get back to business faster …
cybersecurity incident response

How to Choose the Right Tabletop Scenario for Incident Response Testing

To effectively combat these threats, organizations must invest in robust cybersecurity incident response strategies …