Connect with us

Hi, what are you looking for?



US, Britain Warn That Hackers Increasingly Use Coronavirus Bait

US and British cybersecurity agencies warned Wednesday that foreign government-backed hacking groups are using coronavirus themes to ply their way into computers and networks.

US and British cybersecurity agencies warned Wednesday that foreign government-backed hacking groups are using coronavirus themes to ply their way into computers and networks.

The groups are sending phishing emails and setting up websites with COVID-19 virus subjects, aiming to lure users to click on links that will expose their computers to penetration or introduce malware.

Some use email and SMS subject lines like “2020 Coronavirus updates” or “Coronavirus outbreak in your city(Emergency)”, while others might offer an attached file with purported updates on national policies to deal with the pandemic, said an alert jointly issued by the US Cybersecurity and Infrastructure Agency and Britain’s national Cyber Security Center.

“APT groups are using the COVID-19 pandemic as part of their cyber operations, they said, referring to the “Advanced Persistent Threat” designation that Western intelligence agencies use for hacking operations tied to governments in Russia, China, North Korea and Iran.

“These cyber threat actors will often masquerade as trusted entities…. Their goals and targets are consistent with long-standing priorities such as espionage and “hack-and-leak” operations.”

In addition, the two cybersecurity agencies said, “cybercriminals are using the pandemic for commercial gain, deploying a variety of ransomware and other malware.”

They released 2,500 web addresses tied to the scams, warning that the situation is “fast-moving” so that the list is not exhaustive.

They gave examples of an SMS sent to phones in announcing coronavirus payments to residents, and saying to click on a link that is then used to harvest personal and banking information.

Advertisement. Scroll to continue reading.

A number of phishing emails in multiple languages pretend to come from the World Health Organization.

One sent to Italians purports to be from a senior WHO doctor and has an attached document detailing “precautions necessary to fight infection.”

The attachment introduces a batch file onto the computer which opens the way for a bot to permeate the user’s computer system.

One fake website pretends to be an official British government page for applying for COVID-19 relief to steal personal and financial account data.

In addition, the two cybersecurity groups said, hackers are trying to take advantage of the kinds of networking services millions of people are using to work from home.

They warn of the popular use of VPN tools that appear to offer security but in fact are commonly exploited by hackers, including products from Citrix, Pulse Secure, Fortinet and Palo Alto.

And the hackers have targeted conferencing apps like those of Zoom and Microsoft Teams, they noted.

“Malicious cyber actors are hijacking online meetings that are not secured with passwords or that use unpatched software,” they said.

Related: FBI Expects Increase in COVID-19-Themed BEC Scams

Related: Authorities Warn of Escalating COVID-19-Themed Cyberattacks

Related: Corporate Workers Warned of ‘COVID-19 Payment’ Emails Delivering Banking Trojan

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.