Coronavirus-themed attacks February 1 – March 15, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from February 1 to March 15, 2020.

February 1, 2020 – Crooks start exploiting Coronavirus as bait to spread malware

Security researchers warn of campaigns aimed at spreading malware that exploits media attention on the COVID-19 epidemic.

February 25, 2020 – South Korea suffers from the spread of people infected with Corona 19

‘Est security’ found malicious code disguised as a ‘Corona 19 real-time status’ inquiry program and asked the public’s attention.

February 26, 2020 – New Cyber Attack Campaign Leverages the COVID-19 Infodemic

Researchers from Cybaze Yoroi have spotted a new campaign exploiting the interest in COVID-19 evolution to spread malware.

March 6, 2020 – TrickBot targets Italy using fake WHO Coronavirus emails as bait

Crooks continue to exploit the attention on the COVID-19 outbreak, TrickBot operators target Italian users.

March 8, 2020 – New Coronavirus-themed malspam campaign delivers FormBook Malware

Experts uncovered a new COVID19-themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan.

March 12, 2020 – Crooks use weaponizedcoronavirus map to deliver malware

While WHO declares the COVID-19 outbreak a pandemic, crooks are attempting to exploit the situation to monetize their efforts.

March 13, 2020 – State-sponsored hackers are launching Coronavirus-themed attacks

State-sponsored hackers are now using COVID-19 lures to infect their targets.

March 15, 2020 – BlackWater, a malware that uses Cloudflare Workers for C2 Communication

Crooks continue to abuse the interest in Coronavirus outbreak, now experts found a new backdoor called BlackWater that pretends to provide information about COVID-19.

March 15, 2020 – Noooo, now Ancient Tortoise BEC scammers are launching Coronavirus-Themed attacks

A cybercrime gang focused on Business Email Compromise (BEC) has started using COVID19-themed scam emails in its attacks.

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
catch (error) {}

Pierluigi Paganini

(SecurityAffairs – hacking, COVID-19)

The post Coronavirus-themed attacks February 1 – March 15, 2020 appeared first on Security Affairs.