coronavirus

Pierluigi Paganini May 31, 2021
COVID-19 – Phishing attacks target employees that come back to the office

Hackers are attempting to exploit the return to the “new normal” after the governments are removing restrictions imposed in response to COVID-19. The number of COVID-19 infections are decreasing in many countries and some governments are reducing the restrictions for their citizens. Workers are going back to offices after months of remote working and crooks […]

Pierluigi Paganini March 25, 2021
The surge of fake COVID-19 test results, vaccines and vaccination certificates on the Dark Web

Threat actors are offering fake COVID-19 test results and vaccination certificates in blackmarkets and hacking forums on the Dark Web. While vaccination campaigns go ahead with different speeds in many countries multiple threat actors on the Dark Web started offering fake COVID-19 test results and vaccination certificates. Multiple research teams, including mine, are monitoring these […]

Pierluigi Paganini February 26, 2021
Hackers are selling access to Biochemical systems at Oxford University Lab

Hackers have broken into the biochemical systems of an Oxford University lab where researchers are working on the study of Covid-19. Hackers compromised the systems at one of the most advanced biology labs at the Oxford University that is involved in the research on the Covid-19 pandemic. The news was disclosed by Forbes and the […]

Pierluigi Paganini February 12, 2021
Lampion trojan disseminated in Portugal using COVID-19 template

The fresh release of the Latin American Lampion trojan was updated with a new C2 address. Lampion trojan disseminated in Portugal using COVID-19 template. In the last few days, a new release of the Latin American Lampion trojan was released in Portugal using a template related to COVID-19. This trojan has been distributed in Portugal […]

Pierluigi Paganini January 25, 2021
Dutch police arrested two people for the illegal sale of COVID-19 patient data

Dutch police arrested two individuals for allegedly selling COVID-19 patient data stolen from the Dutch health ministry. Dutch police have arrested two individuals in the country for selling COVID-19 patient data stolen from the national COVID-19. The availability of COVID-19 patient data in the cybercrime underground was spotted by the RTL Nieuws reporter Daniel Verlaan. […]

Pierluigi Paganini January 17, 2021
EMA said that hackers manipulated stolen documents before leaking them

The European Medicines Agency (EMA) revealed Friday that COVID-19 vaccine documents stolen from its servers have been manipulated before the leak. The European Medicines Agency (EMA) declared that COVID-19 vaccine documents stolen from its servers in a recent cyber attack have been manipulated. In December, a cyber attack hit the European Medicines Agency (EMA). At […]

Pierluigi Paganini January 12, 2021
EMA: Some of Pfizer/BioNTech COVID-19 vaccine data was leaked online

The European Medicines Agency (EMA) revealed that some of the Pfizer/BioNTech COVID-19 vaccine data were stolen from its servers. In December, a cyber attack hit the European Medicines Agency (EMA). At the time, the EMA did not provide technical details about the attack, nor whether it will have an impact on its operations while it […]

Pierluigi Paganini January 03, 2021
COVID-19 themed attacks December 19, 2020– January 02, 2021

This post includes the details of the COVID-19 themed attacks launched from December 19, 2020– January 02, 2021. 25 December, 2020 – North Korea-linked Lazarus APT targets the COVID-19 research The North Korea-linked Lazarus APT group has recently launched cyberattacks against at least two organizations involved in COVID19 research. 30 December, 2020 – US Treasury […]

Pierluigi Paganini January 01, 2021
Alleged docs relating to Covid-19 vaccine leaked in darkweb

Experts from threat intelligence firm Cyble have found documents relating to Covid-19 vaccine of European Medicines Agency in the Darkweb Security experts from threat intelligence firm Cyble have found several documents relating to the Covid-19 vaccine allegedly stolen from the European Medicines Agency (EMA) leaked in the Darkweb. While the pandemic is spreading on a […]

Pierluigi Paganini December 25, 2020
North Korea-linked Lazarus APT targets the COVID-19 research

The North Korea-linked Lazarus APT group has recently launched cyberattacks against at least two organizations involved in COVID-19 research. The North Korea-linked APT group Lazarus has recently launched cyberattacks against two entities involved in COVID-19 research. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. […]