As Coronavirus Spreads, So Does Covid-19 Themed Malware

silversurfer

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,112
Content source
https://www.bleepingcomputer.com/news/security/as-coronavirus-spreads-so-does-covid-19-themed-malware/
Threat actors are still taking advantage of the ongoing COVID-19 global outbreak by attempting to drop Remcos RAT and malware payloads on their targets' computers via malicious files that promise to provide Coronavirus safety measures.

Yoroi researchers recently spotted a suspicious CoronaVirusSafetyMeasures_pdf.exe executable after it was submitted to their free Yomi Hunter sandbox-based file analysis service.

While the infection vector used by the attackers is not yet known, the most probable method of dissemination is a phishing campaign that would deliver it as an email attachment.

RAT used to steal keystrokes

As the Yoroi research team later discovered, the executable is an obfuscated Remcos RAT dropper that would drop a Remcos RAT executable on the compromised computer, together with a VBS file designed to run the RAT. [....]
Click to expand...
 
  • Like
  • Wow
  • +Reputation
Reactions: Gandalf_The_Grey, upnorth, Deletedmessiah and 5 others
P

plat

Level 29
Top Poster
Sep 13, 2018
1,793
Time-stamped April 8, 2020 (today). Still going strong.

COVID-19 Exploited by Malicious Cyber Actors | CISA

www.us-cert.gov www.us-cert.gov

Antus67 said:
These Threat Actors are scums of the earth and need justice brought against them
Click to expand...

One recent tactic is to exploit people's need and anxious waiting for the government-issued stimulus checks. In the CISA article, you can see one way of how this is done. Making it so tempting, these beyond-criminals preying on people's financial desperation. (n)
 
  • Like
Reactions: silversurfer, Gandalf_The_Grey and upnorth
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
Spread of Coronavirus-Themed Cyberattacks Persists with New Attacks
Replies
6
Views
1,736
News Archive
bribon77
bribon77
upnorth
    • Like
    • +Reputation
Agent Tesla Disguised as COVID-19 Vaccination Registration
Replies
0
Views
1,079
News Archive
upnorth
upnorth
Gandalf_The_Grey
    • Like
    • Wow
Stealthy new JavaScript malware infects Windows PCs with RATs
Replies
5
Views
1,407
News Archive
wat0114
wat0114

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top