Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

COVID-19 themed attacks are just a small percentage of the overall threats

Threat actors adapted their tactics to exploit the interest in the ongoing COVID-19 pandemic, Microsoft says. Since the beginning of the COVID-19 pandemic, threat actors started to actively deploy opportunistic campaigns using Coronavirus lures. Anyway, Microsoft says that malware attacks that abused the COVID-19 theme only had a temporary effect on the total volume of […]

COVID-19 attacks

Threat actors adapted their tactics to exploit the interest in the ongoing COVID-19 pandemic, Microsoft says.

Since the beginning of the COVID-19 pandemic, threat actors started to actively deploy opportunistic campaigns using Coronavirus lures.

Anyway, Microsoft says that malware attacks that abused the COVID-19 theme only had a temporary effect on the total volume of threats detected by the IT giant.

COVID-19 themed attacks peak in the first two weeks of March, when several nations were taking action to limit the outbreak. By the end of March, every country in the world was hit at least by one Coronavirus campaign.

Threat actors launched malspam campaigns using malicious attachments or using massages containing links that redirect users to phishing pages or malware downloads.

“The week following that declaration saw these attacks increase eleven-fold. While this was below two percent of overall attacks Microsoft saw each month, it was clear that cybercriminals wanted to exploit the situation: people around the world were becoming aware of the outbreak and were actively seeking information and solutions to combat it.” reads a post published by Microsoft. “Worldwide, we observed COVID-19 themed attacks peak in the first two weeks of March.”

COVID-19 attacks

While the overall trend of malware detections worldwide did not vary significantly during this time, experts observed a spike of COVID-19 themed attacks that confirms that threat actors only changed tactics to take advantage of the pandemic.

COVID-19

Most of the campaign observed by Microsoft were highly localized, during the outbreak threat actors closely mimicked the local developments of the crisis and the response to the crisis.

Most of the COVID-19 malware campaigns targeted users in a specific country and used weaponized documents using local news and local developments as lures.

“Malware campaigns, attack infrastructure, and phishing attacks all showed signs of this opportunistic behavior.” continues the report.

“They preyed on our concern, confusion, and desire for resolution,”

Microsoft confirmed that major malware operators didn’t put particular effort into launching COVID-19 theme attacks.

Threat actors infect continued to use the same attack infrastructure and the same malware while using Coronavirus lures updating old email templates.

Currently, Microsoft COVID-19-themed malware attacks have dropped, but they are still higher than the number of attacks detected at the beginning of the pandemic in early February.

Microsoft researchers have no doubt, threat actors will continue to use Coronavirus lures as long as COVID-19 pandemic persists.

“Overall, COVID-19 themed attacks are just a small percentage of the overall threats the Microsoft has observed over the last four months. There was a global spike of themed attacks cumulating in the first two weeks of March.” concludes the report. “Based on the overall trend of attacks it appears that the themed attacks were at the cost of other attacks in the threat environment.”

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, COVID-19)

[adrotate banner=”5″]

[adrotate banner=”13″]