Monday, January 25, 23:19
Home security Health organizations and governments are being hacked

Health organizations and governments are being hacked

Health organizations and governments are being hacked: H pandemic of the coronae, continues to be used by hackers to carry out attacks malware, campaigns phishing emailscams and spread misinformation.  

Security researchers have discovered a large number of phishing email campaigns on the subject COVID-19, which mainly targeted governments and health organizations.

Health organizations and governments are being hacked

Security researchers from Unit 42 have noticed that many malicious emails seem to come from WHERE with fake address (noreply @ who [.] int).

Η campaign targets individuals associated with a Canadian government healthcare organization actively working to mitigate COVID-19.

The binary that secretly downloads has an icon Adobe Acrobat. Once executed, it sends an HTTP GET request to receive the image, which is used as a notification. ransomware.

Once the image is received, then a request will be created based on the name user and the name of the victim's server.- Advertisement -

Ransomware encrypts the following files and adds the .locked20 extension:

".Abw", ".aww", ".chm", ".dbx", ".djvu", ".doc", ".docm", ".docx", ".dot", ".dotm", ".Dotx", ".epub", ".gp4", ".ind", ".indd", ".key", ".keynote", ".mht", ".mpp", ".odf", ".Ods", ".odt", ".ott", ".oxps", ".pages", ".pdf", ".pmd", ".pot", ".potx", ".pps", ".Ppsx", ".ppt", ".pptm", ".pptx", ".prn", ".prproj", ".ps", ".pub", ".pwi", ".rtf", ".Sdd", ".sdw", ".shs", ".snp", ".sxw", ".tpl", ".vsd", ".wpd", ".wps", ".wri", ".Xps", ".bak", ".bbb", ".bkf", ".bkp", ".dbk", ".gho", ".iso", ".json", ".mdbackup", ".Nba", ".nbf", ".nco", ".nrg", ".old", ".rar", ".sbf", ".sbu", ".spb", ".spba", ".Tib", ".wbcat", ".zip", "7z", ".dll", ".dbf"

According to researchers, the ransomware variant used is EDA2.

READ MORE

LEAVE ANSWER

Please enter your comment!
Please enter your name here

LIVE NEWS

00:02:40

COVID-19 vaccines: Ways to protect supply chains

The development of vaccines for COVID-19 in such a short period of time has created many challenges and these are not only related to ...
00:02:17

How do insurance companies "enhance" ransomware attacks?

Ransomware attacks have increased significantly, with experts warning that their victims should not pay ransom to hackers ....

Russia: "US may be planning retaliation for SolarWinds hack"!

The Russian government warns the country's organizations about possible cyber attacks that the US may carry out, as "retaliation" for the hack ...

iPhone: How to see which apps have access to your contacts

Some iPhone privacy issues go deeper than accessing your contacts list, which exposes your contacts to ...

COVID-19: Google makes vaccination clinics available

Google CEO Sundar Pichai said Monday that the company will make its facilities available to become clinics ...

Netflix offers "studio quality" audio upgrade on Android

Do not be surprised if Netflix sounds better the next time you run a marathon with rows on your Android phone ...

Will Bitcoin return to $ 40.000? There is concern!

Bitcoin lovers who take his return above the level of $ 40.000 for granted have been worried because the demand ...

Avaddon ransomware: Its operators threaten with DDoS attacks to get ransom!

Lately, more and more ransomware gangs tend to threaten their targets with DDoS attacks in order to secure profits ....

Volunteer firefighters will be trained through VR simulation

Volunteer firefighters in the Australian state of Victoria will soon have access to the virtual reality (VR) training that will be available in ...

Tesla: Accuses its former employee of stealing her confidential data!

On January 23, Tesla sued former employee Alex Khatilov for stealing 26.000 confidential documents, including trade secrets. The software ...