Coronvirus Phishing Campaign Targets Six Nations

The North Korean leader Kim Jong-un has reportedly instructed the hacker group, Lazarus, to use phishing scams to steal bitcoin and other crypto-currencies. Singapore, Japan, and the US are amongst six nations reportedly targeted in a COVID-19 themed phishing campaign.

The Lazarus Group has committed some notable crimes, such as the WannaCry ransomware attacks, hacking Sony, and stealing $81 million through cyberspace from the Bangladesh Central Bank.  Their latest scam is sending crypto executives an email about an open Chief Financial Officer position that contains an infected Microsoft Word document.

The North Korean state hacker group Lazarus are said to be ready to massively attack more than 5 million businesses and individuals who will receive phishing email messages from spoofed government accounts. This would include 8,000 organisations in Singapore where the business contacts highlighted in an email template were addressed to members of the Singapore Business Federation (SBF), according to a report from cybersecurity vendor Cyfirma

SBF is responsible for promoting Singapore businesses and currently represents 27,200 companies. The targeted Singapore businesses would reportedly receive phishing email messages, written in Chinese, from a fake Ministry of Manpower account, supposedly offering additional payouts for employees under the government's COVID-19 support packages. 

Opening the document attachment would trigger malware that would enable access to the victim’s computer.

It noted that governments in the six targeted nations all had announced funding support for enterprises and citizens to help them ride out the global pandemic, including Singapore, which said it would set aside almost SG$100 billion, and Japan, which unveiled 234 trillion yen in stimulus funds. 

Singapore's national cyber security agency SingCERT confirmed it received "information regarding a potential phishing campaign". It said there were "always" ongoing phishing attempts by various cyber-criminals that used different themes and baits and spoofed different entities.

This tactic remained a common and effective technique used to gain access to individuals' accounts, deliver malware, or trick victims into revealing confidential data.

Cyfirma said the phishing campaign was designed to impersonate government agencies and departments as well as trade associations that had been instructed to oversee the distribution of the COVID-19 financial aid. Their analysis identified seven email templates impersonating government agencies and business associations. 

SingCERT:       ZDNet:        CoinOunce:       Bitcoinist:

You Might Also Read: 

North Korean Hackers Specialise In Financial Theft:

 

« The Impact Of The Pandemic On Business Cyber Security
Who Actually Did Leak CIA Cyber Weapons Data? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Veracode

Veracode

Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications.

Capita

Capita

Capita is a consulting, digital services and software business, providing end-to-end enterprise IT services and solutions focused around digital transformation and innovation.

Computest

Computest

Computest security testing services include Mobile app security, Vulnerability assessments, Attack & penetration testing, Security awareness training, Network security assessments.

TechCERT

TechCERT

TechCERT is Sri Lanka’s first and largest Computer Emergency Readiness Team (CERT).

Internet Solutions (IS)

Internet Solutions (IS)

Internet Solutions (IS) provide ICT solutions in areas including cloud computing, connectivity, data centres, commmunications and security.

BELAC

BELAC

BELAC is the national accreditation body for Belgium.

Women in CyberSecurity (WiCyS)

Women in CyberSecurity (WiCyS)

Women in CyberSecurity (WiCyS) is a non-profit organization dedicated to the recruitment, retention and advancement of women in the cybersecurity field.

Identifi Global Recruitment

Identifi Global Recruitment

Identifi Global is one of the UK's leading Cyber Security & IT Recruitment specialists.

Energia Ventures

Energia Ventures

Energia Ventures is a three-month intensive accelerator for entrepreneurs with an innovative business in the energy, smart grid, cleantech, and cybersecurity sectors.

Vortiv

Vortiv

Vortiv Ltd (formerly known as Transaction Solutions International Ltd) is a technology based company focused on the cybersecurity and the cloud services sector.

About Cyber Security.

About Cyber Security.

About Cybersecurity provides a galaxy-wide knowledge base of cybersecurity tactics and techniques derived from actual experience.

BlackRidge Technology

BlackRidge Technology

BlackRidge Technology develops, markets and supports a family of products that provide a next generation cyber security solution for protecting enterprise networks and cloud services.

Realsec

Realsec

RealSec is an international company and is a developer of encryption and digital signature systems and Blockchain for the Banking and Methods of Payment sectors, Government and Defense and Multisector

senhasegura

senhasegura

senhasegura is a global Privileged Access Management vendor. Our mission is to eliminate privilege abuse in organizations around the globe and build digital sovereignty.

CloudScale365

CloudScale365

CloudScale365 offers state-of-the-art managed IT services and cloud, hosting, security, and business continuity solutions.

Cisilion

Cisilion

Cisilion's mission is simple – to transform and connect business with next-generation IT infrastructure. Our expertise includes enterprise networking, security, data centre & cloud, managed services.