Coronavirus cyber activity is receding, but has not abated. Today we bring you more scam highlights and key activity, including continued disinformation, ransomware, phishing, and even some non-coronavirus themes.
It seems threat actors are not letting up on unemployment scams. In its COVID-19 Key Developments, risk intelligence organization Flashpoint is tracking several actors advertising fraudulent methods to file for unemployment. Flashpoint is also monitoring conspiracy theory narratives combining COVID-19 and “Black Lives Matter” protesting activity that falsely pretends leading officials did not warn people about the health risks of the protests (this claim originated on Instagram and spread to other platforms).
Cyber criminals, hacktivists, and state-sponsored actors alike continue using COVID-19 themes. Cyber intelligence firm CrowdStrike reports an actual increase of impersonation attempts using organizations like WHO, CDC, HHS, hospitals, healthcare entities, and insurance companies. According to Adam Meyers, CrowdStrike’s Vice President of Intelligence, “This is an increasing problem and it demonstrates that the threat actors have found an unprecedented level of awareness around COVID-19…and they’re taking advantage of that and they’re capitalizing on it.”
And if that is not enough, there is another ransomware variant masquerading as a COVID-19 contact tracing app. Tripwire reports on CryCryptor, an Android-based ransomware. In typical fashion, malicious actors wasted no time – CryCryptor emerged just days after the Canadian government announced it would support the development of a national, voluntary tracing app for COVID-19 called “COVID Alert.”
Finally, cybersecurity firm CheckPoint highlights more COVID and some non-COVID phishing campaigns, including actors pivoting to lures regarding protest activity such as “Black Lives Matter.” Remember, if it is headlining or trending, it will be used in phishing.