A lot of info stealers, malware campaigns, and scams have taken advantage of the COVID-19 pandemic. Coronavirus has posed a threat not only in the physical world, but also in the digital world.
For more articles, check out our #onpatrol4malware blog.
Multiple nation-state groups are hacking Microsoft Exchange servers
Source: ZDNet
Multiple government-backed hacking groups are exploiting a recently-patched vulnerability in Microsoft Exchange email servers. Read more.
Mokes and Buerak distributed under the guise of security certificates
Source: SecureList
Visitors to infected sites were informed that some kind of security certificate had expired. Unsurprisingly, the update on offer was malicious. Read more.
Microsoft orchestrates coordinated takedown of Necurs botnet
Source: ZDNet
Microsoft announced a coordinated takedown of Necurs, one of the largest spam and malware botnets known to date, believed to have infected more than nine million computers worldwide. Read more.
Hackers are using coronavirus maps to infect your computer
Source: The Next Web
Several organizations have made dashboards to keep track of COVID-19. But now, hackers have found a way to use these dashboards to inject malware into computers. Read more.
Tracking Turla: New backdoor delivered via Armenian watering holes
Source: WeLiveSecurity
Can an old APT learn new tricks? Turla’s TTPs are largely unchanged, but the group recently added a Python backdoor. Read more.
February 2020’s Most Wanted Malware: Increase in Exploits Spreading the Mirai Botnet to IoT Devices
Source: Checkpoint
There is a large increase in exploitation of a vulnerability to spread the Mirai botnet, which is notorious for targeting IoT devices, and for conducting massive DDoS attacks. Read more.
Vicious Panda: The COVID Campaign
Source: Checkpoint
Check Point Research discovered a new campaign against the Mongolian public sector, which takes advantage of the current Coronavirus scare, in order to deliver a previously unknown malware implant to the target. Read more.
APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT
Source: MalwareBytes
A golden opportunity for threat actors to capitalize on fear, spread misinformation, and generate mass hysteria—all while compromising victims with scams or malware campaigns. Read more.
COVID-19, Info Stealer & the Map of Threats – Threat Analysis Report
Source: Reason Security
The demand for accurate information about Covid19 creates a vulnerability that malicious actors have quickly taken advantage of by spreading malware disguised as a “Coronavirus map”. Read more.
Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait
Source: The Hacker News
As the world comes to grips with the coronavirus pandemic, threat actors have taken advantage of the opportunity to target victims with scams or malware campaigns. Read more.
WHO Chief Impersonated in Phishing to Deliver HawkEye Malware
Source: Bleeping Computer
An ongoing phishing campaign impersonating the Director-General of the WHO is actively spreading HawkEye malware payloads onto the devices of unsuspecting victims. Read more.