Researchers are warning of an ongoing phishing attack that’s targeting the credentials of more than 100 high-profile executives at a German multinational corporation that’s tasked with procuring coronavirus medical gear for Germany.
The company, left unnamed by researchers, is part of a task force created March 30 by the German government and the private sector to procure personal protective equipment (PPE) for healthcare workers on the front lines of COVID-19, such as face masks and medical equipment. The task force consists of nine companies, including car manufacturer Volkswagen, pharmaceutical company Bayer, airline Lufthansa, chemical firm BASF and shipping company DHL, who are leveraging their access to foreign markets to purchase and deliver PPE to German ministries.
Researchers who discovered the phishing attack believe its perpetrators may be targeting multiple firms, and third-party supply chain partners, associated with the task force.
“The threat actors behind this campaign targeted more than 100 high ranking executives in management and procurement roles within this organization and its third-party ecosystem,” said Claire Zaboeva, cyber-threat researcher with IBM X-Force, in a Monday analysis. “Given the extensive targeting observed of this supply chain, it’s likely that additional members of the task force could be targets of interest in this malicious campaign, requiring increased vigilance.”
German Task Force for COVID-19 Medical Equipment Targeted in Ongoing Phishing Campaign - Security Intelligence
IBM X-Force Incident Response and Intelligence Services uncovered a precision-targeting phishing campaign exploiting the race to secure essential PPE.