More than 12 government-backed hacker groups are exploiting the COVID-19 pandemic as cover for digital reconnaissance and espionage, a new report by Google’s Threat Analysis Group finds.
An excerpt from reporting by Lily Hay Newman at Wired:
On Wednesday, Google’s Threat Analysis Group published findings about two of the state-sponsored campaigns it’s been tracking. One “notable” effort, according to the researchers, targeted US government employees through their personal email accounts with phishing messages posing as coronavirus-related updates from fast food chains. TAG says that some of the emails included coupons or free meal offers framed as pandemic specials, and others promoted malicious links as portals to order food online. If victims clicked the links, they were taken to phishing pages aimed at collecting their Google login credentials. TAG says that Gmail automatically marked the vast majority of these emails as spam and blocked the malicious links.
“Hackers frequently look at crises as an opportunity, and COVID-19 is no different,” TAG director Shane Huntley wrote in a blog post about the findings. “Across Google products, we’re seeing bad actors use COVID-related themes to create urgency so that people respond to phishing attacks and scams.… TAG has specifically identified over a dozen government-backed attacker groups using COVID-19 themes as lure for phishing and malware attempts—trying to get their targets to click malicious links and download files.”
TAG says it isn’t aware of any accounts that were compromised as a result of the fast food campaign, and Google notified all the targeted users with its standard “government-backed attacker” warning. The company said last Thursday that it has been identifying more than 240 million Covid-related spam messages per day and that the previous week it had detected 18 million phishing and malware emails related to the pandemic each day. Overall, Gmail blocks more than 100 million phishing emails daily.
In addition to the effort focused on US government workers, TAG also said it has been seeing new campaigns targeted at international health organizations, public health agencies, and the individuals who work for them. Some of the activity lines up with reporting from Reuters at the beginning of April that the Iran-linked hacking group Charming Kitten targeted the personal email accounts of World Health Organization staffers
Read the rest at WIRED:
In 1977, Steve “Woz” Wozniak used a neat hack to bring color to the Apple II computer. According to IEEE Spectrum, the obscure trick, called NTSC artifact color, “allows digital systems without specialized graphics hardware to produce color images by exploiting quirks in how TVs decode analog video signals.” That hack later was employed by […]
Fandango dang sure isn’t selling movie theater tickets anymore. And Walmart appears to be easing out of the video-on-demand business, and into… something else.
U.S. telecommunications giant Verizon is today reported to be acquiring the videoconferencing company Blue Jeans Network in a transaction valued somewhere in the neighborhood of 500 million dollars.
We all know it’s a different world out there now than the one where we made New Year’s resolutions and waited for the end of winter just a few months ago. If you weren’t a germaphobe then, it’s likely the onset of COVID-19 has at least made you much more conscious of the spread of […]
On the web, security is always critical. But when a company feels its systems have been infiltrated by a hacker or outside force, usually the only recourse is for their IT security team to start the long process of pouring over data logs, building analysis tools and rooting around for unusual behavior. Thankfully, Amazon Web […]
As many of us all settle into our new home office situations, there’s a distinct possibility this could be the new status quo for quite some time. A bad chair or a less than ergonomically supportive posture might have been passable when you sat at your home office desk for an hour or two here […]