Active Stocks
Tue Apr 16 2024 15:59:30
  1. Tata Steel share price
  2. 160.05 -0.53%
  1. Infosys share price
  2. 1,414.75 -3.65%
  1. NTPC share price
  2. 359.40 -0.54%
  1. State Bank Of India share price
  2. 751.90 -0.65%
  1. HDFC Bank share price
  2. 1,509.40 0.97%
Business News/ Technology / News/  Covid-centric malware attacks drop in May, attacks related to jobs rise: Report
BackBack

Covid-centric malware attacks drop in May, attacks related to jobs rise: Report

In May, the security firm detected more than 158,000 coronavirus-related attacks on an average each week, a decrease of 7% since April
  • With the re-opening of businesses across the world, attackers have also started non-covid-19 related malicious activities
  • A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. Capitalizing on spying tools believed to have been developed by the U.S. National Security Agency, hackers staged a cyber assault with a self-spreading malware that has infected tens of thousands of computers in nearly 100 countries. REUTERS/Kacper Pempel/Illustration (REUTERS)Premium
    A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. Capitalizing on spying tools believed to have been developed by the U.S. National Security Agency, hackers staged a cyber assault with a self-spreading malware that has infected tens of thousands of computers in nearly 100 countries. REUTERS/Kacper Pempel/Illustration (REUTERS)

    Covid-19 related cyber-attacks during May declined by 7% compared to April, while conventional malware attacks increased by 16% compared to March and April, as many businesses resumed operations. Use of malicious CV and medical leave forms to spread banking trojans and infostealers also increased during May, cybersecurity firm Check Point reports.

    In May, the security firm detected more than 158,000 coronavirus-related attacks on an average each week, a decrease of 7% since April.

    With the re-opening of businesses across the world, attackers have also started non-covid-19 related malicious activities. In May, the firm detected a 16% increase in conventional malware attacks when compared to the period between March and April, when covid centric attacks grew.

    Further, researchers at Check Point found malicious files masquerading as CVs. These malicious files were spread through emails carrying attachments with .xls files. The email’s subject lines would say “applying for a job" or “regarding job." Opening the file would download the payload for ZLoader, a banking malware that steal credentials and other private information from users’ system. Once the system is infected, attackers can steal passwords and cookies stored in web browsers and use it to carry out illegal financial transactions using the victim’s system from their bank accounts without their knowledge.

    Some of the emails received by users in UK had the subject “CV from China" and carried an ISO file (CV.iso) that dropped a malicious .exe file (CV.exe). The .exe file was actually hiding an info-stealing malware and opening it installed it on the user’s machine.

    These attacks have doubled the US in last two months, with 1 out of every 450 malicious files revolving around CV scams, Check Point states.

    In addition to using malicious CVs, attackers have been using medical leave forms to spread Icedid malware, a banking Trojan.

    These malicious files were also sent through email with different subject lines like “The following is a new employee request form for leave." The emails were sent using different sender domains like medical-center.space to sound genuine and trick users into clicking on the file attachments.

    One such campaign was carrying the nefarious Trickbot, a banking trojan, which is also used as a payload to download other malwares. Its modular design allows attackers to modify it.

    Check Point recently reported increase in domain name registrations revolving around words like employment as many companies started laying off employees across the world. They found 250 such domains which were registered in May alone. Around 7% of these domains were malicious and 9% suspicious.

    Unlock a world of Benefits! From insightful newsletters to real-time stock tracking, breaking news and a personalized newsfeed – it's all here, just a click away! Login Now!

    ABOUT THE AUTHOR
    Abhijit Ahaskar
    Abhijit writes on tech policy, gaming, security, AI, robotics, electronics and startups. He has been in the media industry for over 12 years.
    Catch all the Technology News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.
    More Less
    Published: 04 Jun 2020, 11:06 PM IST
    Next Story footLogo
    Recommended For You
    Switch to the Mint app for fast and personalized news - Get App