The world has changed in unprecedented ways in the last several weeks due to the coronavirus pandemic. While it has brought out the best in humanity in many ways, as with any crisis it can also attract the worst in some. Cybercriminals use people’s fear and need for information in phishing attacks to steal sensitive information or spread malware for profit. Even as some criminal...
Read More
Sites promoting a bogus Corona Antivirus are taking advantage of the current COVID-19 pandemic to promote and distribute a malicious payload that will infect the target’s computer with the BlackNET RAT and add it to a botnet. The two sites promoting the fake antivirus software can be found at antivirus-covid19[.]site and corona-antivirus[.]com as discovered by the Malwarebytes Threat Intelligence team and researchers at MalwareHunterTeam, respectively. While the former was...
Read More
Threat actors are utilizing the global spread of COVID-19 (Coronavirus) to conduct malicious activity. As the world responds to this threat in various ways, actors are attempting to use the chaos to their advantage. COVID-19 is being weaponized for scare tactics by threat actors for conducting malicious activity utilizing different Tactics, Techniques, and Procedures (TTPs). While the majority of observations made by Anomali Threat Research...
Read More
As governments attempt to marshal the right response to the COVID-19 outbreak, their efforts are being complicated by malware – including ransomware – attacks continuing to hit healthcare organizations. Some of those facilities are not only treating patients with the disease but also serving as frontline virus-testing labs. See Also: Role of Deception in the ‘New Normal’ With COVID-19 declared a pandemic by the World Health Organization, healthcare...
Read More
The Zeus Sphinx banking Trojan has recently resurfaced after a three years hiatus as part of a coronavirus-themed phishing campaign, the most common theme behind most attacks by far during the current pandemic. Zeus Sphinx (also known as Zloader and Terdot) is a malware strain that was initially spotted back in August 2015 when its operators used it to attack several British financial targets and it is...
Read More