Update COVID-19 Cybercrime

Update: COVID19 Cybercrime

During the COVID-19 crisis, our analysts are tracking open-source information sources to keep our followers up to date with COVID-19 Cybercrime. Today’s report:

  • ZDNet reports emails claiming to be from the leader of the World Health Organization are making the rounds in new phishingcampaigns designed to plant keyloggers on PCs.
  • SC Magazine reports that the cybercriminal gang behind Maze ransomwarehas been extorting a UK-based clinical research organization that’s been preparing to play a potential role in testing vaccine candidates for the novel coronavirus, despite assurances that they would not harm any health care organizations during the COVID-19 crisis.
  • Hackers have launched a distributed denial-of-service (DDoS) attack on Germany-based food delivery service Takeaway.com (Liefrando.de), according to a CISO MAG report. Attackers demanded two bitcoins (around US$11,000) in ransom to stop the attack. In DDoS attacks, hackers flood the target with useless traffic to inhibit the availability of services provided by the target.
  • The US Department of Justice on Saturday filed its first court action against a website operator accused of committing fraud to profit from the global COVID-19 pandemic according to InfoSecurity Magazine. A temporary restraining order was filed in a federal court in Austin against the operator of coronavirusmedicalkit.com, who allegedly offered fake coronavirus vaccines for sale in a shameless attempt to cash in on a health crisis that has killed 15,430 people.
  • State and federal law enforcement agencies in Virginia have created a new task force to deal specifically with the rising deluge of scams based around the COVID-19 outbreak.
  • An HHS.gov open redirect is currently being used by attackers to push malware payloads onto unsuspecting victims' systems with the help of coronavirus-themed phishing emails, according to Bleeping Computer.
  • Data Breach Today reports that TA505, a notorious cybercriminal group believed to be operating in Russia, is using business email compromise tactics to target Human Resources Departments, according to researchers from Prevailion, a security monitoring firm. In the campaign that Prevailion researchers examined, the cybercriminal gang began sending phishing emails impersonating job applicants that contained Trojanized versions of curriculum vitae files. The files contained commercially available malware that allowed the attackers to disguise their movements, steal data and credentials and gave them the ability to encrypt data.

We Can Secure Your Remote Infrastructure

IT managers must prioritize cybersecurity as they transition employees to work remotely. This massive shift in operations to a less secure home environment poses significant risks that must be managed.

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

Intelligence and Insights

payment card industry

What are the 12 Requirements of PCI DSS Compliance?

PCI Compliance requirements are created by the PCI Standards Council in order to secure and protect the entirety of the payment card ecosystem …
hiring pci compliance services

7 Tips for Hiring PCI Compliance Services for Your Business

Read here for 7 practical tips for hiring PCI compliance services for your business …
pci compliance test

Why Do I Need a PCI Compliance Test?

PCI Compliance tests are a critical step in protecting against cyber threats. We outline the importance of PCI Compliance tests …