Posted on 06-11-2020.
Threat actors are now exploiting the Black Lives Matter campaign to distribute malware via email, which lures users to open an attached Microsoft Word file to “leave a review confidentially about Black Lives Matter.” The phishing emails’ subject line goes as “Vote anonymous about ‘Black Lives Matter.’” Once a user opens the attached file, it initiates the installation of the so-called TrickBot trojan. Initially, TrickBot began in 2016 as a banking trojan targeting Windows operating system to harvest emails, credentials, and steal banking information. However, the malware has evolved to perform other malicious tasks such as stealing cookies, OpenSSH keys, and Active Directory Services databases, among other things. A spokesperson for cybersecurity non-profit Abuse.ch, who discovered the attack on June 10, told Forbes:
“From what I see is that the spam campaign was pretty big, apparently hitting U.S. mailboxes. Historically, TrickBot is an e-banking trojan. However, these days TrickBot is heavily used by various threat actors to install additional malware on the victim's computer. In corporate networks, this usually leads to Ransomware such as Ryuk.”
“Emails include links to items of interest, such as ‘updated cases of the coronavirus near you.’ Landing pages for these false links may look legitimate, but the sites are often malicious and may be designed to steal email credentials.”This spring, cybersecurity firm Kaspersky Lab alone identified 403 users of its security products, who were attacked with around 500 coronavirus-related files. In late May, Minneapolis police were hit with a DDoS attack amid protests over the police killing of George Floyd earlier that week. The hackers attacked the PD’s website and promised to expose a history of crimes committed by the officers. Follow us on Twitter and Facebook and join our Telegram channel to know what’s up with crypto and why it’s important.