Security News > 2021 > March > US seizes more domains used in COVID-19 vaccine phishing attacks

The US Department of Justice has seized a fifth domain name used to impersonate the official site of a biotechnology company involved in COVID-19 vaccine development.
Since December 2020, the US Department of Justice seized four other domains used by fraudsters for various nefarious purposes, including fraud, phishing attacks, and/or infecting targets' computers with malware.
"The Federal government is providing the vaccine free of charge to people living in the United States. We will continue to aggressively prosecute these fraudsters who seek to prey on unsuspecting residents and their families," Acting US Attorney Jonathan F. Lenzner said.
Threat actors have also targeted orgs associated with COVID-19 vaccine research and involved in the COVID-19 vaccine cold chain.
Chinese-sponsored hacking groups coordinated attacks targeting vaccine research orgs according to a joint public service announcement issued by the FBI and DHS-CISA. The Russian-backed APT29 hacking group has also targeted Canadian, UK, and US vaccine research organizations with the end goal of harvesting intellectual property related to vaccine testing and development.
Last but not least, Microsoft took down domains used in COVID-19-related cybercrime, such as harvesting sensitive information, later to be used in Business Email Compromise attacks.
News URL
Related news
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Feds name and charge alleged Silk Typhoon spies behind years of China-on-US attacks (source)
- US cities warn of wave of unpaid parking phishing texts (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- iOS devices face twice the phishing attacks of Android (source)
- China names alleged US snoops over Asian Winter Games attacks (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)