Recent Posts

Recent Blog Posts

The PhishLabs Blog

COVID-19 Phishing Update: Workplace Concerns Exploited to Distribute Malware

Posted by Jessica Ellis on Apr 13, '20

In recent efforts to deliver attacks that abuse the novel coronavirus, threat actors are exploiting workplace concerns about outbreak prevention and shipment delays. Below are two examples sent with the intent of delivering malware. 

We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are exploiting the pandemic. 

2020-04-08 - Payload Other - INC1805551 - Preparing business and employers work environment for a coronavirus COVID-19 outbreak prevention
The first example uses tactics resembling an ongoing malspam campaign where Excel documents are the primary means of infecting computers with Zloader. The intent is for Zloader to download the banking trojan ZeuS. 

The sender comes from the burner email fladworthsimlis@aol.com.

 

2020-04-08 - Payload Other - INC1804096 - Your Shipment AWB 3357647591

The second lure spoofs a global logistics company to deliver Nanocore, a remote access trojan (RAT), via attachment. The sender address is 141.43.182.162.

Email links to: http://gbud.webd[dot]pl/images/COVID-19-04-01-2020.IMG

File hash: SHA256: 7b2adf1c8ff725d7dd61b0fdc3ef9e6e3a8bd1b744fd209290a1bf65f9b9acb4

Organizations are being strongly encouraged to overshare information that might safeguard employees during the pandemic. As a result, individuals are primed to expect changes as they relate to their companies. Threat actors need only repackage the messaging associated with past lures to conform with company concerns in a time of coronavirus. 

For more intelligence on COVID-19 threats, see our ongoing coverage.

Topics: COVID-19

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all