Cyber attack campaigns exploiting COVID-19 with global impact


Johannesburg, 30 Apr 2020
Read time 1min 40sec

Over the past few months, researchers at Panda Security have noted an increase in malicious social engineering campaigns using the global COVID-19 pandemic as a hook. As the crisis deepens, the number of related malicious domains, spam, malware and ransomware attacks has increased. With a large portion of the workforce now working from home, the attack surface has increased dramatically – creating more opportunities for cyber criminals.

Spam

Recently, researchers have observed an increase in COVID-19 related spam e-mails that were not limited to specific regions, but common around the world. The e-mails feature enticing subject lines such as ‘official’ updates and information about the virus, or delayed delivery schedules due to COVID-19. As with most spam campaigns, they prompt the receiver to open malicious attachments.

Malware and ransomware

Using online monitoring maps, hackers have been able to identify high-traffic sites in order to replace them with fake sites that facilitate the installation of malware. Panda Security’s 100% attestation service has allowed researchers to identify and block malicious executables, including new ransomware variants CoronaVirus & CovidLock. CovidLock originates from a malicious Android app that supposedly helps track COVID-19 cases, but instead the malicious executable blocks the user’s device and demands a ransom.

Indicators of compromise

Organisations that have implemented an advanced endpoint security (EDR) technology supplemented with a patch management service need not be too concerned about these kinds of threats. Solutions like Panda Adaptive Defense 360, with its 100% attestation service, monitor all processes and block malicious or potentially malicious processes from running. However, it is important to maintain a multi-layered approach that speaks to current threats.

Learn more about how cyber criminals are exploiting COVID-19 – reference Panda Security’s new eBook – Cyberattacks Exploiting COVID-19.

Editorial contacts
Panda Security Beatrice Kampmann (+27) 021 683 3899 Beatrice.kampmann@za.pandasecurity.com