Thursday, June 4, 2020
banner
Home /  United States  /  US, Britain warn that hackers increasingly use coronavirus bait

US, Britain warn that hackers increasingly use coronavirus bait

AFP
WASHINGTON
US and British cybersecurity agencies warned on Wednesday that foreign government-backed hacking groups are using coronavirus themes to ply their way into computers and networks.
The groups are sending phishing emails and setting up websites with COVID-19 virus subjects, aiming to lure users to click on links that will expose their computers to penetration or introduce malware.
Some use email and SMS subject lines like “2020 Coronavirus updates” or “Coronavirus outbreak in your city(Emergency)”, while others might offer an attached file with purported updates on national policies to deal with the pandemic, said an alert jointly issued by the US Cybersecurity and Infrastructure Agency and Britain’s national Cyber Security Center.
“APT groups are using the COVID-19 pandemic as part of their cyber operations, they said, referring to the “Advanced Persistent Threat” designation that Western intelligence agencies use for hacking operations tied to governments in Russia, China, North Korea and Iran.
“These cyber threat actors will often masquerade as trusted entities.... Their goals and targets are consistent with long-standing priorities such as espionage and “hack-and-leak” operations.” In addition, the two cybersecurity agencies said, “cybercriminals are using the pandemic for commercial gain, deploying a variety of ransomware and other malware.” They released 2,500 web addresses tied to the scams, warning that the situation is “fast-moving” so that the list is not exhaustive.
They gave examples of an SMS sent to phones in announcing coronavirus payments to residents, and saying to click on a link that is then used to harvest personal and banking information.
A number of phishing emails in multiple languages pretend to come from the World Health Organization.
One sent to Italians purports to be from a senior WHO doctor and has an attached document detailing “precautions necessary to fight infection.” The attachment introduces a batch file onto the computer which opens the way for a bot to permeate the user’s computer system.