A Dozen Nation-Backed APTs Tap COVID-19 to Cover Spy Attacks

2020-04-23 14:50

According to Google's Threat Analysis Group, more than a dozen nation-state-backed APTs are using the COVID-19 pandemic as a cover for their various cyberespionage and malware activities.

The email had an embedded tracking link, which Mandiant researchers said contained the victim's email address and a code to report back to the actors if the email was opened.

In all cases, researchers said the emails delivered the METALJACK loader, which displayed a Chinese-language titled COVID-19 decoy document while launching its espionage payloads.

Interestingly, TAG found that the general rate of APT attacks has stayed steady through the crisis - it's just that their tactics have changed in order to take advantage of the surging interest in anything having to do with COVID-19.

The firm found that cyberattackers in general have reached a peak of sending 1.5 million malicious emails per day related to the COVID-19 pandemic.

News URL

https://threatpost.com/nation-backed-apts-covid-19-spy-attacks/155082/

#APT #attack #covid19 #SPY

News URL

Related news