Capturing the Cyber Threats on Home Base Amidst COVID-19

Attacks on remote tools surge

• McAfee researchers reported a 630% rise in cloud-based cyber-attacks between January and April, 2020. These attacks were aimed at accessing cloud accounts with important credentials and targeted collaboration services like Microsoft Office 365.
• According to CheckPoint, cybercriminals also impersonated video-conferencing apps like Zoom, Google Meet, and Microsoft Teams to lure victims in different phishing and malware attacks.
• Several cyberattacks campaigns that leveraged fake VPN apps and unpatched VPNs were also carried out either to spread malware or trick users in scams.
• Additionally, Kaspersky recorded around 100,000-150,000 attacks on the Remote Desktop Protocol (RDP) since the start of the outbreak.

Old malware make their comeback

• According to Malwarebytes, the backdoor malware, NetWiredRC, which laid low for roughly five months in 2019, dramatically increased its activity by 200% by March 2020 when compared to last December.
• Detection of AveMaria remote access trojan also jumped to nearly 110% between February and March, 2020. The malware can provide remote desktop access and remote webcam control, with the additional ability to steal passwords.
• DanaBot, an invasive trojan and information stealer that can swipe online banking account credentials, had increased its activity by 160% between February and March 2020.
• TrickBot, LokiBot, and AZORult among other information-stealing malware made comeback in several Coronavirus-themed campaigns.

A sneak peek into other threats

• Though phishing campaigns appeared to be the most popular attack methods, cybercriminals found a new way to deliver their malware by hiding it in fake Coronavirus maps.
• Home shoppers are at a greater risk than ever as Magecart attacks on online retailers and banks increased by 20% during the pandemic.
• In addition, government-sponsored actors are trying to blend their attacks along with the flood of COVID-19-themed scams.