The new crown virus epidemic has become a means of exploitation by hackers: an overview of attacks on the theme of the new crown virus
Researchers summarized recent attacks on the topic of the new coronavirus.
February 1-Using the new crown virus to spread malware
Security researchers discovered that attackers used the new crown virus epidemic to attract the attention of ordinary users to spread malware.
February 25th-South Korea discovered a real-time virus infection with a malicious query program
Est security researchers discovered that there are queries disguised as real-time status of the new crown virus Program to spread malicious code.
February 26-A new cyber attack using the new crown virus
Cybaze Yoroi Researchers from has discovered an attack that uses people’s interest in COVID-19 to spread malware.
March 6-TrickBot used fake WHO new crown virus emails to attack Italy
Sophos researchers found that an attacker used the new crown virus outbreak to spread the TrickBot attached Malware spam. After opening the spam attachment, if the macro is enabled, the word document will display a message asking the recipient to enable editing and content. If the macro is not enabled, the VBA script will be executed, and a separate JS file will be created to decode and execute the malicious payload, and then the WSH executable file will be used to load the malicious payload.
March 8-use the new crown Virus subject spam spreads FormBook malware
< br/>Researchers discovered that hackers used spam emails with the theme of the new crown virus to spread a malware downloader, which would spread the FormBook information-stealing Trojan malware.
March 12-Hackers use weaponized maps to spread malware
WHO is releasing COVID-19 on a large scale After the outbreak, hackers can start using it to make money. Hackers use the user's attention to the map of the COVID-19 epidemic to induce users to download a malicious application that displays the map of the epidemic. After the user downloads the application, a seemingly trustworthy GUI is displayed. After execution, the GUI window will load information from the Johns Hopkins website, and the malware will run in the background. After the malware runs, it can steal information and financial data and sell it on the dark web.
March 13th-APT hackers launched a COVID-19-themed attack
On March 13, researchers discovered that the Russian APT organization launched a COVID-19-themed attack, using COVID-19 to lure The user infects the target.
March 13-BlackWater uses the new crown virus to spread
BlackWater is a malware that uses Cloudflare Workers as C2 communication. Recently, researchers discovered a backdoor software called BlackWater that claims to provide information about COVID-19 To spread.
March 15-Noooo launched a new crown virus theme BEC attack
Noooo, a criminal who focused on BEC attacks, began to use spam with the theme of the new crown virus in his attack.
This article is published by www.internetweblist.com and does not represent the position of www.internetweblist.com/：http://www.internetweblist.com/News/21841.html