Coronavirus Phishing Campaign

  • by
Corona Virus - Safekeep Cybersecurity

Last week, malicious actors were exploiting Coronavirus fears by sending malicious health information emails out to Japanese-language speakers.

While this specific Coronavirus-themed email campaign is narrow in its focus, it features malicious Microsoft Word documents, exploits a two-and-a-half-year-old vulnerability, and installs AZORult, an information stealing malware. The malware actors doing this appear to be from Russia and Eastern Europe, and while they aren’t part an APT group, they clearly understand the economic concerns surrounding the Coronavirus. All emails with Coronavirus-themes and attachments should be treated with caution, even if they don’t appear to be directly health related.

A Coronavirus-related shipping supply disruption would negatively impact each of the company types listed above and it’s clear these attackers are aware that a major event like Coronavirus can have secondary impacts on industries. This awareness demonstrates not just technical sophistication, but economic sophistication as well. In addition to the health concerns around Coronavirus, there are increased concerns globally about Coronavirus’ potential economic and international supply chain impact.

If you have any concerns about the e-mails you or your business is getting, contact us today to get a free consultation on what our services can offer for you.