#cybersecurity | hacker | Threat actors play on people’s desire to help cure Coronavirus


Much like the new cases of COVID-19 that occur daily, cybercriminals are constantly rolling out new tactics, techniques and procedures based on the pandemic.

One of the newer attacks, first observed on March 7, uses a Coronavirus-themed email to spread RedLine Stealer malware. Proofpoint reported that it is a particularly well designed, written and developed piece of malware, delivered through a URL in the email. It is also being distributed as malware-as-a-service, priced at $150 for the lite version, $200 for the pro version and $100 per month for the subscription option.

The social engineering aspect of the attack is also highly developed. The subject line asks the recipient, generally someone in the U.S.-based healthcare or manufacturing industries, to “Please help us with Fighting corona-virus”. The emails are supposedly from a company called Mobility Research, which claims it is part of the Folding@Thome project. This name is an intentional misspelling of the legitimate Folding@Home, a public-resource computing firm like the now shuttered SETI at Home project, and might confuse people into opening the email.

The victim is then directed to the malware bucket on Bitbucket and asked to install it, Proofpoint said.

RedLine Stealer steals browser information such as logins, autocomplete data, passwords and credit cards. It also collects information about the user and their system, such as the username, their location, hardware configuration, and installed security software. A recent update to RedLine Stealer also added the ability to steal cryptocurrency cold wallets.

But this is not the only campaign being run.

The gang TA505, which has pushed Locky ransomware and the Dridex banking trojan, this week started using a Coronavirus hook in emails for a downloader campaign targeting the U.S. healthcare, manufacturing, and pharmaceuticals industries.

TA564 is doing much the same against Canadian citizens, using coronavirus emails that spoof the Public Health Agency of Canada in an attempt to deliver the banking trojan Ursnif.


