The fresh wave of cyberattacks
Attackers are using malicious websites, phishing emails, and illicit markets that use COVID-19 vaccines as a lure to target people. In one of the latest incidents, a suspicious Microsoft Excel document is delivered via a malicious link.
The link prompts the recipient to execute Visual Basic for Applications (VBA) macros that lead to the execution of specific commands.
Hackers in this attempt also try to pull off a DLL Search Order Hijacking attack and security experts suspect that Goblin Panda threat group could be associated with the attack.
Experts also noted some of the malware samples deploying Cobalt Strike Beacon. These samples were found using domain fronting with Google services for C2 and further operations.
Other COVID-19 themed cyber attacks
Recently, SlashNext Threat Labs discovered a wave of spear-phishing attacks focused on businesses working to deliver COVID-19 vaccines and therapeutics to stop the pandemic.
A phishing campaign was discovered to be using the name of the U.K National Health Service. The email lures a recipient to accept the invitation for vaccination.
A phishing campaign was discovered in Mexico, using a website that was mimicking itself as the website of the medical laboratory “El Chopo.”
The attacks are ongoing since last year