Expert Comments

North Korean State Hackers Reportedly Planning COVID-19 phishing campaign targeting 5M Across Six Nations

Expert(s): Security Experts
Expert(s): Security Experts

Singapore, Japan, and the US are amongst six nations targeted in a COVID-19 themed phishing campaign that is reportedly scheduled for June 21, during which 8,000 businesses in Singapore may receive email messages from a spoofed Ministry of Manpower account. North Korean state hacker group Lazarus are said to be behind the massive attack that will see more than 5 million businesses and individuals receiving phishing email messages from spoofed government accounts.

Experts Comments

June 22, 2020
Ilia Kolochenko
Founder and CEO
ImmuniWeb
Large scale phishing campaigns is a matter of daily routine. Some of them involve 0day vulnerabilities, or very recent and not yet patched vulnerabilities, while most of them have carefully selected contacts stolen from various sources or purchased on the Dark Web. There, you have readily available contacts of hundreds of millions of people available for sale, including recent law enforcement databases and governmental resources. Five millions contacts can be located in one day with a web.....Read More
Large scale phishing campaigns is a matter of daily routine. Some of them involve 0day vulnerabilities, or very recent and not yet patched vulnerabilities, while most of them have carefully selected contacts stolen from various sources or purchased on the Dark Web. There, you have readily available contacts of hundreds of millions of people available for sale, including recent law enforcement databases and governmental resources. Five millions contacts can be located in one day with a web browser and hundred of bucks in Bitcoin. Professional cybercriminals will unlikely discuss their upcoming hacking campaigns in a visible manner unless they aim to build a smoke screen a raise a false alert. Moreover, targeting enterprises with COVID-19 today borders to absurd, virtually all organizations now have internal memos or policies saying to distrust all and any COVID-19 related communications from any source. It seems that the allegedly detected campaign comes from script kiddies, not a nation-state threat actor.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

iPhone Bug Identified by Researcher, Patch Now Advised by Expert

Security Expert Re: New NIST Application Security Requirements – One...

Critical Flaw in vCenter Server Could Give Hackers Infrastructure Access

Malicious URLS Slipping Past Security Vendors, Experts Weigh In

Expert Comment: VMware Vulnerabilities Ripe For Exploitation

Comment: CISA, FBI, And NSA Release Joint Cybersecurity Advisory On Conti Ransomware

Google And Facebook For Failing To Tackle Online Fraud

MoD Shares Afghanistan Interpreter’s Emails & PII

APP Fraud Is A Simple Yet Extremely

U.S. Targets Crypto-Ransomware Payments with Sanctions, Cybersecurity Experts Weigh In

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy