US seizes domains used for COVID-19 vaccine phishing attacks
The US Department of Justice has seized two domain names used to impersonate the official websites of biotechnology companies Moderna and Regeneron involved in the development of COVID-19 vaccines.
While almost perfectly cloning the contents of the real sites, the websites seized by the federal government were instead used for various malicious purposes, including running scams, infecting visitors with malware, and collecting sensitive information in phishing attacks.
Threat actors have also targeted organizations involved in COVID-19 research and in the COVID-19 vaccine cold chain, which involves storing and delivering the vaccine at safe temperatures.
Vaccine research organizations from Canada, the UK, and the US have been targeted throughout the year by the Russian state-sponsored APT29 hacking group with the end goal of harvesting intellectual property related to the vaccine's development and testing.
Threat actors affiliated with the People's Republic of China have also been involved in similar attacks, according to a joint public service announcement issued by the FBI and DHS-CISA. Last but not least, Microsoft has also taken down domains used in COVID-19-related cybercrime such as harvesting sensitive information that is later used in Business Email Compromise attacks.