Coronvirus Phishing Campaign Targets Six Nations

The North Korean leader Kim Jong-un has reportedly instructed the hacker group, Lazarus, to use phishing scams to steal bitcoin and other crypto-currencies. Singapore, Japan, and the US are amongst six nations reportedly targeted in a COVID-19 themed phishing campaign.

The Lazarus Group has committed some notable crimes, such as the WannaCry ransomware attacks, hacking Sony, and stealing $81 million through cyberspace from the Bangladesh Central Bank.  Their latest scam is sending crypto executives an email about an open Chief Financial Officer position that contains an infected Microsoft Word document.

The North Korean state hacker group Lazarus are said to be ready to massively attack more than 5 million businesses and individuals who will receive phishing email messages from spoofed government accounts. This would include 8,000 organisations in Singapore where the business contacts highlighted in an email template were addressed to members of the Singapore Business Federation (SBF), according to a report from cybersecurity vendor Cyfirma

SBF is responsible for promoting Singapore businesses and currently represents 27,200 companies. The targeted Singapore businesses would reportedly receive phishing email messages, written in Chinese, from a fake Ministry of Manpower account, supposedly offering additional payouts for employees under the government's COVID-19 support packages. 

Opening the document attachment would trigger malware that would enable access to the victim’s computer.

It noted that governments in the six targeted nations all had announced funding support for enterprises and citizens to help them ride out the global pandemic, including Singapore, which said it would set aside almost SG$100 billion, and Japan, which unveiled 234 trillion yen in stimulus funds. 

Singapore's national cyber security agency SingCERT confirmed it received "information regarding a potential phishing campaign". It said there were "always" ongoing phishing attempts by various cyber-criminals that used different themes and baits and spoofed different entities.

This tactic remained a common and effective technique used to gain access to individuals' accounts, deliver malware, or trick victims into revealing confidential data.

Cyfirma said the phishing campaign was designed to impersonate government agencies and departments as well as trade associations that had been instructed to oversee the distribution of the COVID-19 financial aid. Their analysis identified seven email templates impersonating government agencies and business associations. 

SingCERT:       ZDNet:        CoinOunce:       Bitcoinist:

You Might Also Read: 

North Korean Hackers Specialise In Financial Theft:

 

« The Impact Of The Pandemic On Business Cyber Security
Who Actually Did Leak CIA Cyber Weapons Data? »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Alarum Technologies

Alarum Technologies

Alarum Technologies (formerly Safe-T) is a global provider of cyber security and privacy solutions to consumers and enterprises.

Lanner Electronics

Lanner Electronics

Lanner Electronics is a leading hardware provider for advanced network appliances and industrial automation solutions including cyber security.

Hivint

Hivint

Hivint is a new kind of Information Security professional services company enabling collaboration between our clients to reduce unnecessary security spend.

Olfeo

Olfeo

Olfeo is a content filtering software vendor. Our proxy and filtering solution helps our customers to manage, monitor and secure their Internet traffic.

NETAS

NETAS

Netas offers solutions in information and communication technologies including end-to-end value added solutions, system integration and technology services to providers and corporations.

Incognito Forensic Foundation Lab (IFF Lab)

Incognito Forensic Foundation Lab (IFF Lab)

IFF Lab is a premier cyber and digital forensics lab in India that offers forensic services and solutions, cyber security analysis and assessment, IT support, training and consultation.

WiJungle

WiJungle

WiJungle is an Indian Cyber Security Company that develops and markets a unified network security gateway solution.

Accelerator Frankfurt

Accelerator Frankfurt

Accelerator Frankfurt is an independent go-to-market program focused on Fintech, Cybersecurity and Digital B2B startups.

Network Center Inc (NCI)

Network Center Inc (NCI)

NCI is one of the largest IT solution providers in the Midwest. We specialize in industry specific technology solutions, service, support, and expertise for small to enterprise businesses.

Maritime Cyber Threats Research Group - University of Plymouth

Maritime Cyber Threats Research Group - University of Plymouth

The Maritime Cyber Threats research group of the University of Plymouth is focused on investigating marine cyber threats and researching solutions.

Cyber Security Cooperative Research Centre (CSCRC)

Cyber Security Cooperative Research Centre (CSCRC)

The CSCRC provides frank and fearless research and in-depth analysis of cyber security systems, the cyber ecosystem and cyber threats.

Acmetek Global Solutions

Acmetek Global Solutions

Acmetek is a Global Distributor and a Trusted Advisor of PKI /IOT & SSL Security Products and a Managed Services Company.

eCloudvalley Digital Technology

eCloudvalley Digital Technology

eCloudvalley Digital Technology is a born-in-the-cloud partner focused entirely on AWS services across APAC region.

Verisign

Verisign

Verisign is a Global Leader in Domain Names & Internet Security, providing protection for websites and enterprises around the world.

ProvenRun

ProvenRun

ProvenRun is a leading provider of trusted software solutions with extensive expertise and an unwavering commitment to security.

Amtivo Ireland

Amtivo Ireland

Amtivo Ireland (formerly Certification Europe and EQA) offers a range of certifications and related services.