Because of Coronavirus, millions of people are working from home. At the same time, people are curious about Coronavirus related news, so they are visiting many websites to get the latest news about the Coronavirus pandemic. Check Point Research report shows that hackers are exploiting the COVID-19 outbreak to spread their own infections. Let’s have a look at different types of attacks that have happened for the last two months.
Offering hacking services
In a previous report, Coronavirus-related domains are 50% more likely to be malicious than other domains registered during the same period, and higher than recent seasonal themes. They have been registered since the start of January. Researchers underlined that “0.8 percent of these domains were found to be malicious (93 websites), and another 19 percent were found to be suspicious (more than 2,200 websites).”
Some hackers use the tools available for purchase at a discounted price. They use slogans like “CoronaVirus Discount! 10% off ALL products”. Hackers are promoting their goods. Another hacking group SSHacker who has described themselves as “dedicated to providing the best hacking services since 2005” offers the service of hacking into Facebook account for a 15% discount with the “COVID-19” promo code.
Attacks in many ways from different groups
Essentially hospitals and testing centers have been attacking by phishing campaigns that distribute malware such as AZORuIt, Emotet, Nanocore RAT, and TrickBot via malicious links and attachments.
APT36, a Pakistani state-sponsored threat actor, attacked the defense, embassies, and the government of India, by using Coronavirus-themed document baits. They deployed the Crimson Remote Administration Tool (RAT) onto target systems.