Security News > 2020 > December > US seizes domains used for COVID-19 vaccine phishing attacks
The US Department of Justice has seized two domain names used to impersonate the official websites of biotechnology companies Moderna and Regeneron involved in the development of COVID-19 vaccines.
While almost perfectly cloning the contents of the real sites, the website seized by the federal government were instead used for various malicious purposes including running scams, infecting visitors with malware, and collecting sensitive info in phishing attacks.
Threat actors have also targeted organizations involved in COVID-19 research and in the COVID-19 vaccine cold chain involving storing and delivering it at safe temperatures.
Vaccine research organizations from Canada, UK, and the US have been targeted throughout the year by the Russian state-sponsored APT29 hacking group with the end goal of harvesting intellectual property related to the vaccine's development and testing.
Threat actors affiliated with the People's Republic of China have also been involved in similar attacks according to a joint public service announcement issued by the FBI and DHS-CISA. Last but not least, Microsoft has also taken down domains used in COVID-19-related cybercrime such as harvesting sensitive information, later to be used in Business Email Compromise attacks.
News URL
Related news
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)