Security News > 2021 > March > US seizes more domains used in COVID-19 vaccine phishing attacks

The US Department of Justice has seized a fifth domain name used to impersonate the official site of a biotechnology company involved in COVID-19 vaccine development.

Since December 2020, the US Department of Justice seized four other domains used by fraudsters for various nefarious purposes, including fraud, phishing attacks, and/or infecting targets' computers with malware.

"The Federal government is providing the vaccine free of charge to people living in the United States. We will continue to aggressively prosecute these fraudsters who seek to prey on unsuspecting residents and their families," Acting US Attorney Jonathan F. Lenzner said.

Threat actors have also targeted orgs associated with COVID-19 vaccine research and involved in the COVID-19 vaccine cold chain.

Chinese-sponsored hacking groups coordinated attacks targeting vaccine research orgs according to a joint public service announcement issued by the FBI and DHS-CISA. The Russian-backed APT29 hacking group has also targeted Canadian, UK, and US vaccine research organizations with the end goal of harvesting intellectual property related to vaccine testing and development.

Last but not least, Microsoft took down domains used in COVID-19-related cybercrime, such as harvesting sensitive information, later to be used in Business Email Compromise attacks.

News URL

https://www.bleepingcomputer.com/news/security/us-seizes-more-domains-used-in-covid-19-vaccine-phishing-attacks/