Thursday, October 22, 02:26
Which state hacking teams are using the coronavirus for attacks?

Hackers never pass up an opportunity, least of all professionals backed by governments. According to new data, in recent weeks state hacking teams from China, North Korea and Russia have been running phishing and other hacking campaigns that use the coronavirus to get their victims' attention. Then, after deceiving them, they infect them with malware or gain access to their infrastructure.

They are not the first hackers to exploit the coronavirus for attacks. Security experts have already seen several such attacks and expect many more to be discovered.

Cyber thieves seize every opportunity. They never let such events go unexploited, because they know that many people will respond. Other events have been used in the same way in the past, such as the terrorist attack in Paris in November 2015, the oppression of the Uyghur population in China, etc. Tragic events are always the best bait.


The first state-backed hacking team to use the coronavirus for its illegal activities is the Hades group, which is said to originate from Russia and to be linked to APT28 (Fancy Bear), one of the groups that breached the DNC in 2016.

According to the security company QiAnXin, Hades launched a campaign in mid-February to spread a C# backdoor trojan. The hackers hid it in documents supposedly containing the latest news about the coronavirus.

The targets of the attack were citizens of Ukraine. The hackers sent phishing emails that supposedly came from the Public Health Center of the Ukrainian Ministry of Health.

These emails were part of a wider information campaign that struck the whole country, on different fronts.

At the same time as the Hades hackers sent their emails, a wave of coronavirus-related spam emails hit the country. Then there was a "flood" of messages on social media reporting that the coronavirus had arrived in the country.

According to a report by BuzzFeed News, the emails and social media posts caused panic and turmoil among a large part of the population.

BuzzFeed reported that in some Ukrainian cities residents filled hospitals, fearing that their children would be infected with the coronavirus.

In the midst of this general panic, malicious emails are much more likely to go unnoticed and reach their targets.


The next country to use the coronavirus for spear-phishing attacks is North Korea. Such an attack was carried out in late February; however, it was not as sophisticated as the one that struck Ukraine.

According to a tweet from the company IssueMakersLab, a North Korean hacking team hid malware inside documents that supposedly described the situation in North Korea with regard to the coronavirus.

The documents, believed to have been sent to South Korean officials, contained BabyShark, malware that had been used in the past by a North Korean hacking team known as Kimsuky.


However, the country that has run the most malware campaigns associated with the coronavirus is China. In the last two weeks, Chinese hackers have been particularly active.

At the beginning of the month, the Vietnamese security company VinCSS detected a Chinese hacking team, code-named Mustang Panda, sending emails with a RAR file attachment that "carried a message about the coronavirus" and "came from" the Vietnamese prime minister. The file essentially infected the victims' computers with a backdoor trojan.

The second attack has now been reported by the company Check Point. The company said another Chinese team, called Vicious Panda, targeted government agencies in Mongolia by sending malicious documents related to coronavirus prevention.

As we said above, government hacking teams are not the only ones exploiting the coronavirus to launch malware attacks. Security companies have also discovered many campaigns by "simple" hackers in recent weeks.


Absent Mia