Security News > 2020 > December > COVID-19 Vaccine Cyberattacks Steal Credentials, Spread Zebrocy Malware
Cybercriminals are tapping into the impending rollout of COVID-19 vaccines with everything from simple phishing scams all the way up to sophisticated Zebrocy malware campaigns.
Security researchers with KnowBe4 said that the recent slew of vaccine-related cyberattacks leverage the widespread media attention around the development and distribution of COVID-19 vaccines - as well as recent reports that manufacturers like Pfizer may not be able to supply additional doses of its vaccine to the U.S. large volumes until sometime in Q2. These lures continue to play into the high emotions of victims during a pandemic - something seen in various phishing and malware campaigns throughout the last year.
Researchers with Intezer recently discovered a new Zebrocy malware sample in a campaign that has the hallmarks of a COVID-19 vaccine lure.
The emails say, "Due to less stock covid-19 vaccine and high increase demand of the covid-19 vaccine distribution within the USA," they need to fill out a form in order to get on the vaccine distribution list.
COVID vaccine manufacturer Dr. Reddy's Laboratories was forced to shut down factories in Brazil, India, the U.K. and U.S. in late October, which were contracted to make the Russian vaccine "Sputnik V." And the APT group DarkHotel targeted the World Health Organization last March, in an attempt to steal any information they could find related to tests, vaccines or trial cures.
News URL
https://threatpost.com/covid-19-vaccine-cyberattacks-credentials-zebrocy/162072/