Login

Register

Login

Register

#cybersecurity | hacker | Fake coronavirus emails impersonate WHO to trigger FormBook infection


Fears over the novel coronavirus have triggered mass quarantines, Purell and Clorox shortages and financial market turmoil. As global concerns continue to mount with the latest headlines – just today, it was reported that the head of the Port Authority of New York and New Jersey was infected – cyber fraudsters and threat actors continue to seize on those fears.

In one of the latest examples, researchers at MalwareHunterTeam reportedly have exposed a phishing scam that pretends to offer coronavirus information from the World Health Organization, but in reality distributes the GuLoader malicious downloader, which in turn installs the FormBook information-stealing trojan.

The emails, best viewed via a browser, include statistics on the virus and encourage the recipient to view an attached file, MY-HEALTH.PDF, in order to view the “the simplest and fastest ways” to take of one’s health while ensuring the well-being of others, BleepingComputer reports. The reader is also falsely instructed to reach out to an attacker-controlled email address to supposedly contact the “Corona-virus Disease Grants/Donation board for a grant or donation application.”

Upon infection, GuLoader reportedly downloads and
decrypts an encrypted version of Formbook from Google Drive, and then injects it
into the Windows process wininit. Formbook is capable of copying clipboard
contests, keylogging, extracting data from HTTP sessions, and executing
commands given by a command-and-control server. Such functionality can allow attackers
to steal banking and website login credentials and cookies, the report
continues.

Late last week, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued guidance warning citizens to beware of coronavirus scams.

“Cyber actors may send emails with malicious attachments
or links to fraudulent websites to trick victims into revealing sensitive
information or donating to fraudulent charities or causes,” the advisory
states. “Exercise caution in handling any email with a COVID-19-related subject
line, attachment, or hyperlink, and be wary of social media pleas, texts, or
calls related to COVID-19.”

CISA recommends that users avoid interaction with links
and email attachments in unsolicited emails; rely on only trusted, official
sources for their COVID-19 information, avoid sharing personal and financial
information in emails; and ensure that a charity is legitimate before donating.



Original Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW