Hackers have launched a global spear-phishing campaign to target several organizations.
The targeted organizations are involved in the process of COVID-19 vaccine distribution and have been under the radar of hackers since September 2020. Researchers have reported that the cold chain of vaccine distributors are being targeted by hackers.
US Cybersecurity and Infrastructure Agency (CISA) has alerted the organizations involved in the storage and distribution of the vaccine. The organizations are suggested to review the indicators of compromise (IoCs) and ensure the effectiveness of their defenses.
The phishing emails, dating to September, targeted organizations in Italy, Germany, South Korea, the Czech Republic, greater Europe, and Taiwan, including the European Commission’s Directorate-General for Taxation and Customs Union.
Hackers have sent out emails masqueraded as requests for quotations for participation in a vaccine program. They have also used the name of an authentic China-based cold chain distributor to make the emails look more authentic.
The phishing emails contain various credential-stealing HTML links that redirect to malicious login pages. Identities of threat actors are not yet clear but the main purpose of the attack seems to be harvesting login credentials.
NPAV recommends users and organizations to stop getting involved with these emails. COVID-19 and the fear that surrounds it are being used by hackers to fulfill their malicious intentions. Stay updated and believe only in genuine sources of information.
Install NPAV on your devices to keep them safe and secure from all kinds of cyberattacks. Use NPAV and join us on a mission to secure the cyber world.