New Phishing Scam Exploits COVID-19 Crisis To Spread TrickBot Malware – Comment From Security Expert

Microsoft Security Intelligence has revealed that the TrickBot malware is being spread via a new phishing campaign that exploits the current COVID-19 crisis. The campaign offers fake virus advice and testing, installing the malware via ‘macro-laced’ malicious attachments.

Experts Comments

April 21, 2020
Yana Blachman
Threat Intelligence Specialist
Venafi
The sad reality is that the COVID-19 situation offers even the most sophisticated APT groups the chance to execute phishing attacks that exploit the current crisis. TrickBot is no different. This sophisticated crimeware adapts quickly to the current situation and seizes the moment to ensure attack success. It’s also particularly nasty: once it’s on a user’s device, TrickBot tries to compromise the user’s SSH keys, which grant its operators control to a businesses’ sensitive.....Read More
The sad reality is that the COVID-19 situation offers even the most sophisticated APT groups the chance to execute phishing attacks that exploit the current crisis. TrickBot is no different. This sophisticated crimeware adapts quickly to the current situation and seizes the moment to ensure attack success. It’s also particularly nasty: once it’s on a user’s device, TrickBot tries to compromise the user’s SSH keys, which grant its operators control to a businesses’ sensitive information. SSH machine identities automate control over all manner of systems from datacentres to cloud environments. Stealing them gives the attackers control and gives them the power to create long term access since SSH keys don’t expire and most organisations – even those with sophisticated defences – never change them. This phishing campaign is a grim reminder that unless businesses have visibility over all their SSH keys in use across the datacentre and cloud, and automated processes in place to change them, these methods and the increasing theft of SSH keys will only continue.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.