Microsoft: COVID-19 themed malware on the decline

Microsoft: COVID-19 themed malware on the decline Cybersecurity

Microsoft says that despite all the headlines in the media over the past few months, malware attacks that took advantage of the coronavirus theme (COVID-19) have been anecdotal compared to the threats society sees every month.

These COVID-19 attacks included emails with malicious attachments (also known as malspam) and emails with malicious links that redirect users to phishing sites or malware downloads.

According to Microsoft’s Threat Protection Intelligence Team, the first COVID-19-themed attacks began after the World Health Organization (WHO) declared a global pandemic on January 30.

As the world yearned to learn more about the new disease, the attacks intensified and peaked in March when most countries in the world applied containment measures.

“The week after the declaration [de l’OMS], these attacks have increased eleven-fold, “said Microsoft.” By the end of March, every country in the world had seen at least one COVID-19-themed attack. ”

However, Microsoft says that the attacks plateaued soon after, as the public interest waned and the malware operators fell back into the routine.

Microsoft’s security team claims that most of the COVID-19 campaigns they have followed were highly localized. Campaigns generally targeted users from a specific country and exploited local news and local developments to increase the chances of the attack’s success.

Microsoft: COVID-19 themed malware on the decline

“They took advantage of our worry, confusion and desire for resolution,” said Microsoft, referring to the old adage that hackers would never let a good crisis go to waste.

In addition, while major players such as Lokibot, Emotet and TrickBot joined the attacks, Microsoft claims that these malware groups have not made any special efforts to exploit the COVID-19 theme.

Just as Proofpoint has reported before, Microsoft says that the criminal groups have reused the old attack infrastructure and have continued to deploy the same malware they used before. The only change was to update the old e-mail models to exploit the new crisis, since e-mails containing a subject relating to the pandemic were more likely to arouse the interest of the victims.

Currently, Microsoft claims that COVID-19-themed malware attacks have decreased, but they are still higher than what the company saw in early February when the attacks started, so they have not gone out yet.

In the future, Microsoft thinks they will persist as long as COVID-19 persists.

However, Microsoft says that malicious COVID19-themed campaigns are just an epiphenomenon in the general threat landscape, where most attacks continue to be typical patterns of phishing and identity theft.



Rate article