Skip to main content

CYBER CRIMINALS PENETRATE EVERY PRIVILEGE. As Per Trending, Hackers Have Created Over 2200 Malicious Websites And Apps On Coronavirus (COVID-19) Related Phishing.




As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who've taken advantage of the opportunity to target victims with scams or malware campaigns.
Now, according to a new report published by Check Point Research today, hackers are exploiting the COVID-19 outbreak to spread their own infections, including registering malicious Coronavirus-related domains and selling discounted off-the-shelf malware in the dark web.

"Special offers by different hackers promoting their 'goods' — usually malicious malware or exploit tools — are being sold over the darknet under special offers with 'COVID19' or 'coronavirus' as discount codes, targeting wannabe cyber-attackers," the cybersecurity firm said.
COVID-19 Discounts: Exploit Tools for Sale
The report comes following an uptick in the number of malicious coronavirus-related domains that have been registered since the start of January.

             Coronaviruss Malware Domains.
"In the past three weeks alone (since the end of February 2020), we have noticed a huge increase in the number of domains registered — the average number of new domains is almost 10 times more than the average number found in previous weeks," the researchers said. "0.8 percent of these domains were found to be malicious (93 websites), and another 19 percent were found to be suspicious (more than 2,200 websites)."
Some of the tools available for purchase at a discounted price include "WinDefender bypass" and "Build to bypass email and chrome security."


                 Malwaree Attack.
Another hacking group, which goes by the moniker "SSHacker," is offering the service of hacking into Facebook account for a 15 percent discount with "COVID-19" promo code.

What's more, a seller that goes by the name of "True Mac" is selling a 2019 MacBook Air model for a mere $390 as a "corona special offer." It goes without saying the offer is a scam.
A Long List of Coronavirus-Themed Attacks
The latest development adds to a long list of cyberattacks against hospitals and testing centers, phishing campaigns that distribute malware such as AZORuIt, Emotet, Nanocore RAT and TrickBot via malicious links and attachments, and execute malware and ransomware attacks that aim to profit off the global health concern.
APT36, a Pakistani state-sponsored threat actor that targets the defense, embassies, and the government of India, was found running a spear-phishing campaign using Coronavirus-themed document baits that masqueraded as health advisories to deploy the Crimson Remote Administration Tool (RAT) onto target systems.
Researchers from security firm IssueMakersLab uncovered a malware campaign launched by North Korean hackers that used boobytrapped documents detailing South Korea's response to the COVID-19 epidemic as a lure to drop BabyShark malware. Recorded Future observed, "at least three cases where reference to COVID-19 has been leveraged by possible nation-state actors."
A COVID-19-themed malspam campaign targeted the manufacturing, industrial, finance, transportation, pharmaceutical, and cosmetic industries via Microsoft Word documents that exploits a two-and-a-half-year-old Microsoft Office bug in Equation Editor to install AZORult malware. The AZORult info stealer has also been distributed using a fraudulent version of the Johns Hopkins Coronavirus Map in the form of a malicious executable.
A fake real-time coronavirus tracking Android app, called "COVID19 Tracker," was found to abuse user permissions to change the phone's lock screen password and install CovidLock ransomware in return for a $100 bitcoin ransom.
Another phishing attack, uncovered by Abnormal Security, targeted students and university staff with bogus emails in a bid to steal their Office 365 credentials by redirecting unsuspecting victims to a fake Office 365 login page.
Comment spamming attacks on websites that contained links to a seemingly innocuous coronavirus information website but redirected users to dubious drug-selling businesses.
Aside from malware-laden spam emails, F-Secure researchers have observed a new spam campaign that aims to capitalize on the widespread mask shortage to trick recipients into paying for masks, only to send them nothing.
Staying Secure in the Time of COVID-19
It's amply clear that these attacks exploit coronavirus fears and people's hunger for information about the outbreak. Given the impact on the security of businesses and individuals alike, it's essential to avoid falling victim to online scams and practice good digital hygiene:
Businesses should ensure that secure remote access technologies are in place and configured correctly, including the use of multi-factor authentication, so that employees can conduct business just as securely from home.
Individuals should keep away from using unauthorized personal devices for work, and ensure "personal devices will need to have the same level of security as a company-owned device, and you will also need to consider the privacy implications of employee-owned devices connecting to a business network."
Watch out for emails and files received from unknown senders. Most importantly, check a sender's email address for authenticity, don't open unknown attachments or click on suspicious links, and avoid emails that ask them to share sensitive data such as account passwords or bank information.
Use trusted sources, such as legitimate government websites — for up-to-date, fact-based information about COVID-19.


THN
#osutayusuf
@osutayusuf

Comments

Popular posts from this blog

We Bring You Brief Series of Sanctions Against Uganda Government Officials.

📸: Gen Abel Kandiho. On 9-December-2021, USA slapped sanctions against the then CMI Commander Gen Abel Kandiho. 📸: Gen Kale Kayihura. On 9-December-2022, UK slapped sanctions against former Police Boss Gen Kale Kayihura. 📸: Commissioner General of Prisons, Johnson Byabashaija. Again on this 4-December-2023, the same USA has slapped sanctions against Uganda Prisons Commander Johnson Byabashaija over alleged torture and human rights abuses in Prisons across Uganda. We ask, has USA and UK made December as an LCM to slap sanctions against high ranking government officials in Uganda even when the sanctions just remain on paper without deeper investigations to ascertain logical conclusions or remedy to that effect ?. #iip_updates  #Information_is_Power  #we_inform_the_uninformed

How to Host a Website for Free From Your PC or Laptop.

Why pay for a web hosting service when your old computer can do the same thing? Learn how to self-host your site. If you're planning to launch a website but don't want to pay recurring monthly or annual hosting fees, you can use any old laptop or desktop PC to host a website for free. It's a great way to utilize your old system instead of throwing it away. In this guide, we will install and set up services on our 10-year-old laptop to host a WordPress, Joomla, or custom HTML or PHP-based website with a free SSL certificate. MAKEUSEOF VIDEO OF THE DAY Things You Will Need to Host a Website Following are the pre-requisites to host a website for free from home with just your computer: An old laptop or PC running Ubuntu Server. A registered domain name for your website Ethernet cable to connect the laptop or PC to router for reliable and fast connection Step 1: Update and Upgrade the Packages After  installing Ubuntu Server on your computer , execute the following c...

WHERE IS MINISTER OF SEX SIMON LOKODO?. (He deserves a battle of soda from me! Ministe`r esalanga mabee. He is quick to run after Mrs Dr Stella Nyanzi and other Opposition elements. Government aza aza edo zuu vaa kpere bua). Anyway, below is the article! POLICE OFFICER AKOL ESTHER CHARGED OF BEING A PUBLIC NUISANCE Naughty Officer Officer who embarrassed police after leaking nude photo charged 13.03.2018 She serves in the 'Very Important Persons Protection Unit'  Akol Esther  (Courtesy) A female police officer whose nude photo surfaced on social media has been charged of being a public nuisance. Akol Esther serves in the Very Important Persons Protection Unit (VIPPU) of the police force. Kampala Metropolitan Police spokesperson Luke Owoyesigire says Akol Esther might be demoted or expelled from the police force if found guilty of circulating nude photos. Police court is yet to announce date when Akol Esther is expected to appear for a hearing. This comes at a time when Pornography Control Committee is taking tough measures against persons circulating pornography content. The committee warned and promised to arrest persons who will circulate pornographic content.

POLICE OFFICER AKOL ESTHER CHARGED OF BEING A PUBLIC NUISANCE Naughty Officer Officer who embarrassed police after leaking nude photo charged 13.03.2018 She serves in the 'Very Important Persons Protection Unit' Akol Esther  (Courtesy) A female police officer whose nude photo surfaced on social media has been charged of being a public nuisance. Akol Esther serves in the Very Important Persons Protection Unit (VIPPU) of the police force. Kampala Metropolitan Police spokesperson Luke Owoyesigire says  Akol Esther might be demoted or expelled from the police force if found guilty of circulating nude photos . Police court is yet to announce date when Akol Esther is expected to appear for a hearing. This comes at a time when Pornography Control Committee is taking tough measures against persons circulating pornography content. The committee warned and promised to arrest persons who will circulate pornographic content.