Microsoft has warned that cyber criminals are taking advantage of the ongoing coronavirus crisis to trick users into downloading malware onto their devices.
In a statement on Twitter, Microsoft Security Intelligence said that hackers are posing as the “Usa Volunteer Organization” and the “Usa Humanitarian Group” and are sending out hundreds of emails offering free COVID-19 medical advice and testing.
Each email aims to install the Trickbot malware using “unique macro-laced” document attachments.
WHO doubles its security team as phishing attacks ramp up 46% of small and medium businesses targeted by ransomware and 73% paid NCSC removes over 2,000 online coronavirus scams German government loses 'tens of millions' in COVID-19 phishing attack Hackers advertise critical Zoom Windows bug for $500,000
“Like in recent Trickbot campaigns, if allowed to run, the macro uses CHOICE.EXE to wait 20 seconds before downloading the info-stealing payload,” explained Microsoft’s Security Intelligence team. “Trickbot campaigns are known to delay malicious activities to evade emulation or sandbox analysis.”
The company also warned that new phishing campaigns are using the theme of remote working in an attempt to encourage victims to share personal data, such as bank details, over the phone.
“To further avoid raising a flag, phishers don’t put malicious URLs in emails. Instead, they leverage legitimate web services or use attachments that contain the link to the phishing site. In this example, phishers left the email body empty; message & link are in the attached PDF,” Microsoft explained over Twitter.
According to Microsoft 365 Security corporate VP Rob Lefferts, “the trendy and pervasive Trickbot and Emotet malware families are very active and rebranding their lures to take advantage of the outbreak”.
“We have observed 76 threat variants to date globally using COVID-19 themed lures,” he wrote in a blog post.
RELATED RESOURCE
2020 report: The threat posed by shadow IoT devices
Unsanctioned IoT devices open a portal for chaos across the network
Last year, the TrickBot trojan was named the most dangerous threat to healthcare, and it seems to be holding onto that title during the ongoing coronavirus pandemic.
Microsoft’s warning comes weeks after US and UK cybersecurity officials issued a joint warning that hackers, some of them potentially state-backed, are using the disruption caused by the coronavirus pandemic to exploit businesses and the wider public.
Google has also issued a warning to users working from home during the lockdown about a rise in the number of coronavirus-based phishing attacks, many of which are being sent as emails.
-
AI is helping bad bots take over the internetNews Automated bot traffic has surpassed human activity for the first time in a decade, according to Imperva
-
Two years on from its Series B round, Hack the Box is targeting further growthNews Hack the Box has grown significantly in the last two years, and it shows no signs of slowing down
-
Phishing emails target victims with fake vaccine passport offerNews Scammers could steal victims’ personal information and never deliver the illegal goods, Fortinet warns
-
COVID-related phishing fuels a 15-fold increase in NCSC takedownsNews The NCSC recorded a significant jump in the number of attacks using NHS branding to lure victims
-
COVID vaccine passports will fail unless government wins public trust, ICO warnsNews Data watchdog's chief Elizabeth Denham warns that it’s not good enough to claim ‘this is important, so trust us’
-
Fake COVID vaccination certificates available on the dark webNews Fast-growing market emerges for people wanting quick vaccine proof to travel abroad
-
Cyber security firm saw attacks rise by 20% during 2020News Trend Micro found attackers also heavily targeted VPNs
-
Hackers using COVID vaccine as a lure to spread malwareNews Cyber criminals are impersonating WHO, DHL, and vaccine manufacturers in phishing campaigns
-
Website problems slow coronavirus vaccine rollout
News Florida is the epicenter of website issues, as patients struggle with malfunctioning sites and hackers
-
NHS COVID-19 app failed to ask users to self-isolate due to 'software glitch'News The bug is the latest in a long line of errors and glitches to plague the government's contact-tracing app
