Security News > 2020 > April > A Dozen Nation-Backed APTs Tap COVID-19 to Cover Spy Attacks
According to Google's Threat Analysis Group, more than a dozen nation-state-backed APTs are using the COVID-19 pandemic as a cover for their various cyberespionage and malware activities.
The email had an embedded tracking link, which Mandiant researchers said contained the victim's email address and a code to report back to the actors if the email was opened.
In all cases, researchers said the emails delivered the METALJACK loader, which displayed a Chinese-language titled COVID-19 decoy document while launching its espionage payloads.
Interestingly, TAG found that the general rate of APT attacks has stayed steady through the crisis - it's just that their tactics have changed in order to take advantage of the surging interest in anything having to do with COVID-19.
The firm found that cyberattackers in general have reached a peak of sending 1.5 million malicious emails per day related to the COVID-19 pandemic.
News URL
https://threatpost.com/nation-backed-apts-covid-19-spy-attacks/155082/