The hackers they leave no chance to go astray, let alone when it comes to professionals supported by governments. According to new data, in recent weeks, the state hacking her teams China, North Korea and Russia do Phishing and other hacking campaigns using the coronavirus, to get their attention victims. Then, after cheating them, they infect them with malware or acquire access in their infrastructure.
They are not the first hackers to exploit the coroner to attack. The experts security have already seen several such attacks and expect many more to be discovered.
Cyber thieves seize every opportunity. They never let such incidents go unnoticed, because they know that many people will respond. Other such cases have been used in the past, such as terrorism attack in Paris in November 2015, the oppression of the Uyghur population in China, etc. The tragic events are always the best bait.
The first state-owned hacking team to use the coroner for its illegal activities is the Hades team, said to be derived from Russia, and joins the team APT28 (Fancy Bear), one of the groups that violated the DNC in 2016.
According to the security company QiAnXin, Hades launched a mid-February campaign to spread one C # backdoor trojan. The hackers hid it in documents supposedly containing the latest news about the coronavirus.
Goals the attack was citizens of Ukraine. The hackers were sending Phishing emails, supposedly coming from the Public Health Center of the Ukrainian Ministry of Health.
These emails were part of a wider information campaign that struck the whole country, on different fronts.
At the same time the Hades hackers sent their emails, a wave of spam emails related to the coronavirus hit the country. Then, there was a "flood" of messages on SOCIAL MEDIA who reported that the coronavirus had arrived in the country.
According to a report by BuzzFeed News, emails and posts on SOCIAL MEDIA they caused panic and turmoil in a large part of the population.
BuzzFeed reports have reported that in some Ukrainian cities, residents filled in hospitals as they feared their children would be infected with coronavirus.
In the midst of this general panic, some malicious emails are much more likely to go unnoticed and reach their goals.
The next country that used the coronavirus for spear-phishing attacks is North Korea. In late February, such an attack was carried out, however, it was not as sophisticated as the one that struck Ukraine.
According to a tweet from the company IssueMakersLab, a hacking team from North Korea hid malware inside documents supposed to describe the state of North Korea with regard to coronavirus.
However, the country that has made the more malware campaigns associated with coronavirus is China. In the last two weeks, Chinese hackers have been particularly active.
At the beginning of the month, the Vietnamese security company VinCSS detected a Chinese hacking team with the code name Mustang Panda, sending emails with an attachment RAR file, which "carried a message about the coronavirus" and "came from" the Vietnamese prime minister. The file essentially infected the victims' computers with backdoor trojan.
The second attack was now reported by the company Check Point. The company said another Chinese team called Vicious Panda targeted its government agencies Mongolia sending maliciously documents related to prevention for coronavirus.
As we said above, government hacking teams are not the only ones exploiting the coroner to launch malware attacks. Many companies security campaigns have also been discovered by "simple" hackers in recent weeks.