A lot of info stealers, malware campaigns, and scams have taken advantage of the COVID-19 pandemic. The coronavirus poses a threat not only in the physical world but also in the digital world.

For more articles, check out our #onpatrol4malware blog.


Multiple nation-state groups are hacking Microsoft Exchange servers

Source: ZDNet

Multiple government-backed hacking groups are exploiting a recently-patched vulnerability in Microsoft Exchange email servers. Read more.


Mokes and Buerak distributed under the guise of security certificates

Source: Securelist

Visitors to infected sites were informed that some kind of security certificate had expired. Unsurprisingly, the update on offer was malicious. Read more.


Microsoft orchestrates coordinated takedown of Necurs botnet

Source: ZDNet

Microsoft announced a coordinated takedown of Necurs, one of the largest spam and malware botnets known to date, believed to have infected more than nine million computers worldwide. Read more.


Hackers are using coronavirus maps to infect your computer

Source: The Next Web

Several organizations have made dashboards to keep track of COVID-19. But now, hackers have found a way to use these dashboards to inject malware into computers. Read more.


Tracking Turla: New backdoor delivered via Armenian watering holes

Source: WeLiveSecurity

Can an old APT learn new tricks? Turla’s TTPs are largely unchanged, but the group recently added a Python backdoor. Read more.


February 2020’s Most Wanted Malware: Increase in Exploits Spreading the Mirai Botnet to IoT Devices

Source: Check Point

There is a large increase in exploitation of a vulnerability to spread the Mirai botnet, which is notorious for targeting IoT devices, and for conducting massive DDoS attacks. Read more.


Vicious Panda: The COVID Campaign

Source: Check Point

Check Point Research discovered a new campaign against the Mongolian public sector, which takes advantage of the current Coronavirus scare, in order to deliver a previously unknown malware implant to the target. Read more.


APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT

Source: Malwarebytes

A golden opportunity for threat actors to capitalize on fear, spread misinformation, and generate mass hysteria—all while compromising victims with scams or malware campaigns. Read more.


COVID-19, Info Stealer & the Map of Threats – Threat Analysis Report

Source: Reason Security

The demand for accurate information about COVID-19 creates a vulnerability that malicious actors have quickly taken advantage of by spreading malware disguised as a “Coronavirus map”. Read more.


Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait

Source: The Hacker News

As the world comes to grips with the coronavirus pandemic, threat actors have taken advantage of the opportunity to target victims with scams or malware campaigns. Read more.


WHO Chief Impersonated in Phishing to Deliver HawkEye Malware

Source: Bleeping Computer

An ongoing phishing campaign impersonating the Director-General of the WHO is actively spreading HawkEye malware payloads onto the devices of unsuspecting victims. Read more.