As COVID-19 vaccination is being rolled out all around the world, cybercriminals are leveraging the situation, carrying out a new wave of attacks. DomainTools researchers have discovered multiple adversaries, from criminal groups to state-sponsored threat actors, being engaged in malicious cybercriminal activities.
The fresh wave of cyberattacks
Attackers are using malicious websites, phishing emails, and illicit markets that use COVID-19 vaccines as a lure to target people. In one of the latest incidents, a suspicious Microsoft Excel document is delivered via a malicious link.
The link prompts the recipient to execute Visual Basic for Applications (VBA) macros that lead to the execution of specific commands.
Hackers in this attempt also try to pull off a DLL Search Order Hijacking attack and security experts suspect that Goblin Panda threat group could be associated with the attack.
Experts also noted some of the malware samples deploying Cobalt Strike Beacon. These samples were found using domain fronting with Google services for C2 and further operations.
Other COVID-19 themed cyber attacks
Recently, SlashNext Threat Labs discovered a wave of spear-phishing attacks focused on businesses working to deliver COVID-19 vaccines and therapeutics to stop the pandemic.
A phishing campaign was discovered to be using the name of the U.K National Health Service. The email lures a recipient to accept the invitation for vaccination.
A phishing campaign was discovered in Mexico, using a website that was mimicking itself as the website of the medical laboratory “El Chopo.”
The attacks are ongoing since last year
According to the Atlas VPN team, around 16.4 million COVID-19 themed cyber threats were identified in 2020. The data is based on Trend Micro’s Annual Cybersecurity report.
Out of all COVID-19-related cyber threats spotted last year, around 14.5 million attacks (89%) were malicious spam.
There were 1.85 million dangerous URLs discovered last year, which was around 11% of all the COVID-19 themed cyber threats in 2020.
Around 33 thousand (less than 1%) online threats of last year utilizing the pandemic were malware attacks.
Conclusion
As hackers and scammers are looming around the corner to attack, the public should be careful enough to differentiate between misinformation and facts. For COVID-19 vaccine-related information, people can reach out to their local health authorities, healthcare providers, or visit official websites.