Update COVID-19 Cybercrime

Update: COVID19 Cybercrime

During the COVID-19 crisis, our analysts are tracking open-source information sources to keep our followers up to date with COVID-19 Cybercrime. Today’s report:

  • ZDNet reports emails claiming to be from the leader of the World Health Organization are making the rounds in new phishingcampaigns designed to plant keyloggers on PCs.
  • SC Magazine reports that the cybercriminal gang behind Maze ransomwarehas been extorting a UK-based clinical research organization that’s been preparing to play a potential role in testing vaccine candidates for the novel coronavirus, despite assurances that they would not harm any health care organizations during the COVID-19 crisis.
  • Hackers have launched a distributed denial-of-service (DDoS) attack on Germany-based food delivery service Takeaway.com (Liefrando.de), according to a CISO MAG report. Attackers demanded two bitcoins (around US$11,000) in ransom to stop the attack. In DDoS attacks, hackers flood the target with useless traffic to inhibit the availability of services provided by the target.
  • The US Department of Justice on Saturday filed its first court action against a website operator accused of committing fraud to profit from the global COVID-19 pandemic according to InfoSecurity Magazine. A temporary restraining order was filed in a federal court in Austin against the operator of coronavirusmedicalkit.com, who allegedly offered fake coronavirus vaccines for sale in a shameless attempt to cash in on a health crisis that has killed 15,430 people.
  • State and federal law enforcement agencies in Virginia have created a new task force to deal specifically with the rising deluge of scams based around the COVID-19 outbreak.
  • An HHS.gov open redirect is currently being used by attackers to push malware payloads onto unsuspecting victims' systems with the help of coronavirus-themed phishing emails, according to Bleeping Computer.
  • Data Breach Today reports that TA505, a notorious cybercriminal group believed to be operating in Russia, is using business email compromise tactics to target Human Resources Departments, according to researchers from Prevailion, a security monitoring firm. In the campaign that Prevailion researchers examined, the cybercriminal gang began sending phishing emails impersonating job applicants that contained Trojanized versions of curriculum vitae files. The files contained commercially available malware that allowed the attackers to disguise their movements, steal data and credentials and gave them the ability to encrypt data.

We Can Secure Your Remote Infrastructure

IT managers must prioritize cybersecurity as they transition employees to work remotely. This massive shift in operations to a less secure home environment poses significant risks that must be managed.

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

Intelligence and Insights

penetration testing red flags

Red Flags to Be Aware of in Penetration Testing Companies

It is important to do your research when selecting a penetration testing company. Here are a few red flags to be aware of when choosing penetration testing companies …
pci compliance test

How To Test for PCI Compliance

PCI Compliance tests are a critical step in protecting your organization against cyber threats. We outline the importance of PCI Compliance tests here …
Cybersecurity Penetration Testing

5 Types of Cybersecurity Penetration Testing

If you are looking for ways to improve your company’s cybersecurity, this guide can help. Here are five types of cybersecurity penetration testing …