Hacking Groups are Using COVID-19 Emails to Attack Targets

Hacking groups have always used a global crisis to lure users and gain access to their personal information. Now, equally the fearfulness of the Novel Coronavirus continues to rising, many regime-sponsored attacks have been detected by various cybersecurity organisations. The countries involved in these types of attacks include Communist china, North Korea and Russia.

Just a few weeks ago, we saw hackers using COVID-19 related emails to infiltrate targets. At present, these types of attacks have increased in number and many are coming from country-sponsored hacking groups.

The Russian Situation

Discovered by cyber-security firm QiAnXin, one of the first land-sponsored attacks using Coronavirus-themed emails came from the Hades Group. The cyber-security business firm believes that the group was working from Russian federation. They also had a tie-up with the notorious group, APT28, codenamed Fancy Comport.

According to QiAnXin, the hackers from Hades sent emails containing documents about Coronavirus info to diverse targets in Ukraine. These documents were actually baits that contained a hidden trojan. To brand the emails look legit, the hackers bearded them equally emails from the Eye for Public Health of the Ministry of Wellness of Ukraine. When 1 of these emails became viral on social media, many residents blocked Ukrainian hospitals to protect their children. They thought that the disease has arrived and this led to many panic-driven riots in the country.

Attacks on Due north Korea

Some other country that used COVID-xix every bit an online weapon was North Korea in mid-February. Cyber-security business firm, IssueMakersLab plant that many COVID-19 themed emails sent to South Korean government officials came with the BabyShark malware. This malware tin exfiltrate organization data and maintain persistence on the system.

Attacks from the Chinese Groups

At present, the most number of malware campaigns came from the country where the hazardous virus originated. Chinese hackers have run 2 malware campaigns consequently using the COVID-19 crunch. The outset assault involved the Vietnamese government. The Vietnamese cyber-security firm, VinCSS, recognised a Chinese authorities-sponsored hacking group codenamed "Mustang Panda" is spreading Coronavirus related emails that contained a RAR file. These files came with the emails and said to incorporate information from the Prime Government minister of Vietnam about the outbreak of the illness. When users downloaded and unzipped these .rar files, it installed a basic trojan that tin use a backstairs in systems to access the users' information.

Some other assault reported past cyber-security firm Cheque Point Research said that a Chinese hacking group named "Vicious Panda" had been targetting the Mongolian government organisations.

These type of attacks are not uncommon during a time of global crisis. And many hacking groups apply the crisis to espionage many government organisations in order to gather sensitive information.

Source: https://beebom.com/government-hacking-groups-using-covid-19-emails/

Posted by: lindnermung1940.blogspot.com

Share this post