Coronvirus Phishing Campaign Targets Six Nations

The North Korean leader Kim Jong-un has reportedly instructed the hacker group, Lazarus, to use phishing scams to steal bitcoin and other crypto-currencies. Singapore, Japan, and the US are amongst six nations reportedly targeted in a COVID-19 themed phishing campaign.

The Lazarus Group has committed some notable crimes, such as the WannaCry ransomware attacks, hacking Sony, and stealing $81 million through cyberspace from the Bangladesh Central Bank.  Their latest scam is sending crypto executives an email about an open Chief Financial Officer position that contains an infected Microsoft Word document.

The North Korean state hacker group Lazarus are said to be ready to massively attack more than 5 million businesses and individuals who will receive phishing email messages from spoofed government accounts. This would include 8,000 organisations in Singapore where the business contacts highlighted in an email template were addressed to members of the Singapore Business Federation (SBF), according to a report from cybersecurity vendor Cyfirma

SBF is responsible for promoting Singapore businesses and currently represents 27,200 companies. The targeted Singapore businesses would reportedly receive phishing email messages, written in Chinese, from a fake Ministry of Manpower account, supposedly offering additional payouts for employees under the government's COVID-19 support packages. 

Opening the document attachment would trigger malware that would enable access to the victim’s computer.

It noted that governments in the six targeted nations all had announced funding support for enterprises and citizens to help them ride out the global pandemic, including Singapore, which said it would set aside almost SG$100 billion, and Japan, which unveiled 234 trillion yen in stimulus funds. 

Singapore's national cyber security agency SingCERT confirmed it received "information regarding a potential phishing campaign". It said there were "always" ongoing phishing attempts by various cyber-criminals that used different themes and baits and spoofed different entities.

This tactic remained a common and effective technique used to gain access to individuals' accounts, deliver malware, or trick victims into revealing confidential data.

Cyfirma said the phishing campaign was designed to impersonate government agencies and departments as well as trade associations that had been instructed to oversee the distribution of the COVID-19 financial aid. Their analysis identified seven email templates impersonating government agencies and business associations. 

SingCERT:       ZDNet:        CoinOunce:       Bitcoinist:

You Might Also Read: 

North Korean Hackers Specialise In Financial Theft:

 

« The Impact Of The Pandemic On Business Cyber Security
Who Actually Did Leak CIA Cyber Weapons Data? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Via Resource

Via Resource

Via Resource is a leading provider of information security recruitment and consultancy services.

RSA Conference

RSA Conference

RSA Conference conducts information security events around the globe that connect you to industry leaders and highly relevant information.

Verve Industrial Protection

Verve Industrial Protection

Verve specialize in providing software and services to help protect and secure critical industrial control systems.

Israel Aerospace Industries (IAI)

Israel Aerospace Industries (IAI)

IAI offers a holistic approach that provides defense forces, governments, critical infrastructures and large enterprises with end-to-end cyber security & monitoring tools.

ID Experts

ID Experts

ID Experts is a leading provider of identity protection and data breach services for companies and individuals throughout the USA.

CyberGuarded

CyberGuarded

CyberGuarded are an accredited vendor independent information security testing and auditing company.

Khipu Networks

Khipu Networks

Khipu Networks is an award winning Cyber Security Company delivering a wide range of network, wireless and security solutions, technologies and services across multiple sectors.

MENAInfoSecurity

MENAInfoSecurity

MENAInfoSecurity is a regional leader in information security solutions, assurance services and managed services.

Capy

Capy

Capy's SaaS-based security solutions will protect your website from bots, spam, humans and more.

At-Bay

At-Bay

At-Bay offer an end-to-end solution to cyber risk with comprehensive risk assessment, a tailored cyber insurance policy and year-long, active, risk-management service.

SecureThings

SecureThings

SecureThings focus is to provide guidance and technology to secure connected vehicles in order to build end-to-end security for the automotive industry.

Acceptto

Acceptto

Acceptto offers the first unified and continuous authentication identity access platform with No-Password.

Data Privacy Office (DPO)

Data Privacy Office (DPO)

Data Privacy Office is a company that specializes in privacy and personal data protection, following the highest standards in its sector.

Dark Intelligence

Dark Intelligence

Dark Intelligence, created by Protective Intelligence, is the world’s first independent Dark Web Security Operations Centre.

SessionGuardian

SessionGuardian

SessionGuardian (previously SecureReview) is the world's first and only technology which ensures second-by-second biometric identity verification of your remote user, from log on to log off.

Raxis

Raxis

Raxis is a cybersecurity company that hacks into computer networks and physical structures to perform penetration tests, assessing corporate vulnerability to real-world threats.