Coronavirus-themed attacks March 22 – March 28, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 22 to March 28, 2020.

Threat actors exploit the interest in the COVID19 outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases.

Below a list of attacks detected this week.

March 23 – COVID19-themed campaign delivers a new variant of Netwalker Ransomware

MalwareHunterTeam experts have identified a new Coronavirus phishing campaign that aims at delivering the Netwalker Ransomware.

March 23 – Operation Pangea: Europol dismantles criminal gangs selling COVID19 medicine, surgical masks

Operation Pangea is the name of a joint international operation lead by the Interpol that seized €13 million in counterfeit drugs for care. 

March 24 – New York Attorney General asks domain registrars to crack down on COCscam sites

New York Attorney General asks domain registrars, including GoDaddy, and Namecheap, to crack down on COVID19 scam sites.

March 25 – Fake Coronavirus Finder spread Ginp Mobile Banker

Security experts have spotted a new COVID-themed campaign aimed at distributing the Ginp Mobile Banker with “Coronavirus Finder” lure.

March 26 – WordPress WP-VCD malware delivered via pirated Coronavirus plugins

Crooks behind the WordPress WP-VCD malware are distributing pirated versions of the COVID19 plugins that inject a backdoor into websites.

March 26 – Hackers hijack D-Link and Linksys routers to point users to COVID19-themed sites serving malware

The number of COVID19-themed attacks continues to increase, crooks hijack D-Link and Linksys routers to redirect users to sites spreading COVID19-themed malware.

If you are interested in COVID19-themed attacks from February 1 give a look at the following posts:

Pierluigi Paganini

(SecurityAffairs – COVID19, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]