COVID-19 isn’t slowing down cyberthieves. According to a report by Palo Alto Networks’ Unit 42 security team, phishing attacks are thriving during the coronavirus pandemic.
Cyberattackers are hitting government bodies and medical organizations using traditional phishing attacks, where thieves use emails to tempt people to click on links that can compromise their computers or mobile devices.
Unit 42 said it has observed growth of coronavirus-themed threats, particularly in the realm of phishing attacks. While the coronavirus-themed phishing campaigns observed by Unit 42 are numerous, the report also describes a ransomware variant (EDA2) observed in attacks on a Canadian government health care organization and a Canadian medical research university.
And Unit 42 observed an infostealer variant (AgentTesla) observed in attacks against various other targets (e.g, a United States defense research entity, a Turkish government agency managing public works, a German industrial manufacturing firm, a Korean chemical manufacturer, and medical organizations/medical research facilities located in Japan and Canada).
None of the malware samples mentioned in the report was successful in reaching its intended targets, according to the report by Unit 42’s Adrian McCabe, Vicky Ray, and Juan Cortes.
“It is clear from these cases that the threat actors who profit from cybercrime will go to any extent, including targeting organizations that are in the front lines and responding to the pandemic on a daily basis,” the report said. “This trend is likely going to continue for weeks to come.”