Coronavirus-themed attacks April 12 – April 18, 2020

Pierluigi Paganini April 19, 2020

This post includes the details of the Coronavirus-themed attacks launched from April 12 to April 18, 2020.

Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases.

Below a list of attacks detected this week.

April 14 – Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations.

April 14 – FTC says $12 million were lost due to Coronavirus-related scams

Consumer reports received since January 2020 revealed that that approximately $12 million were lost due to Coronavirus-related scams, FTC says.

April 15 – Coronavirus-themed attack: Experts uncovered flight refund scam

Experts at email security firm Mimecast has uncovered a flight refund scam that attempts to exploit the ongoing COVID19 outbreak.

April 16 – Hunting the COVID19 in the dark web – A month later

At the end of February, I analyzed major black marketplaces searching for anything related to the COVID19 outbreak, a month later things are completely changed.

April 17 – Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week.

April 17 – Syria-linked APT group SEA targets Android users with COVID19 lures

Syrian-linked APT group SEA recently used COVID-19-themed lures as part of a long-running surveillance campaign, security researchers warn.

April 18 – Trickbot is the most prolific malware operation using COVID-19 themed lures

TrickBot is the malware that most of all is involved in COVID-19-themed attacks, Microsoft’s Office 365 Advanced Threat Protection (ATP) data reveals.

April 18 – COVID19-themed campaign targets energy sector with PoetRAT

Threat actors employed the previously-undetected PoetRAT Trojan in a COVID19-themed campaign aimed at government and energy sectors. 

If you are interested in COVID19-themed attacks from February 1 give a look at the following posts:

https://securityaffairs.co/wordpress/100698/hacking/coronavirus-themed-attacks-march-22-march-28-2020.html
https://securityaffairs.co/wordpress/101463/hacking/coronavirus-themed-attacks-apr-5-apr-11-20.html
[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – malware, COVID19)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment