Security News > 2020 > December > US seizes domains used for COVID-19 vaccine phishing attacks

The US Department of Justice has seized two domain names used to impersonate the official websites of biotechnology companies Moderna and Regeneron involved in the development of COVID-19 vaccines.
While almost perfectly cloning the contents of the real sites, the websites seized by the federal government were instead used for various malicious purposes, including running scams, infecting visitors with malware, and collecting sensitive info in phishing attacks.
Threat actors have also targeted organizations involved in COVID-19 research and in the COVID-19 vaccine cold chain, which involves storing and delivering the vaccine at safe temperatures.
Vaccine research organizations from Canada, the UK, and the US have been targeted throughout the year by the Russian state-sponsored APT29 hacking group with the end goal of harvesting intellectual property related to the vaccine's development and testing.
Threat actors affiliated with the People's Republic of China have also been involved in similar attacks according to a joint public service announcement issued by the FBI and DHS-CISA. Last but not least, Microsoft has also taken down domains used in COVID-19-related cybercrime such as harvesting sensitive information, later to be used in Business Email Compromise attacks.