Covid-19: State-backed players join pandemic cyber crime attacks


Network cables are seen going into a server in an office building in Washington, DC. Hades, linked to the APT28 which is believed to be of Russian origin and behind an attack on the US Democrat party in 2016, was the first state-backed group to use the epidemic as bait, Thales’ cyber intelligence service reported. — AFP

PARIS: Sophisticated state-supported actors are following cybercriminals in exploiting the coronavirous pandemic and posing an "advanced persistent threat" (APT), French defence technology giant Thales warned March 30.

Hades, linked to the APT28 which is believed to be of Russian origin and behind an attack on the US Democrat party in 2016, was the first state-backed group to use the epidemic as bait, Thales' cyber intelligence service reported.

"According to the cyber security company QiAnXin, Hades hackers waged a campaign in mid-February by hiding a Trojan horse in bait documents (...) disguised as e-mail from the Ukrainian health ministry's public health centre," Thales said.

"These targeted emails seem to have been part of an even bigger disinformation campaign that affected the entire country on different fronts," with the aim of creating panic in Ukraine, it added.

Vicious Panda, a group believed to be of Chinese origin, was behind "a new campaign against the Mongolian public sector", Thales said, quoting the US-Israeli firm Checkpoint.

Mustang Panda, also believed to be Chinese in origin, "managed to target Taiwan using new lures," linked to the coronavirus, while Kimsuky, suspected to be of North Korean origin, continues to attack targets in South Korea, and APT36, a group said to have Pakistani origins, has gone after Indian targets.

Thales also warned of a proliferation of fake virus information applications for Android that exploit public demand.

The company said several sources confirmed that half of the domain names set up since December linked to Covid-19 themes are exposed to malware.

"It seems that the cyber threat ecosystem is following the geographical spread of Covid-19 with attacks first in Asia, then eastern Europe and now in western Europe," Thales noted. — AFP

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!
   

Next In Tech News

NYPD officers, bystander save man who fell on subway tracks
India regulator asks One 97 Communications unit to reapply for payment aggregator licence
Mercedes-Benz criticized for hiding fast acceleration behind paywall
Catfishing cosmonauts, scamming soldiers: Never fall in love online?
Opinion: Billionaires like Elon Musk, Sam Bankman-Fried didn’t save the world. They wrecked it. Let’s take it back
Elon Musk says Twitter's ban on Trump after Capitol attack was 'grave mistake'
Metaverse is a risk to human social skills, Abba Voyage producer says
South Korean capital launches self-driving bus experiment
Crypto lender Genesis subject of probe by regulators - Barron's
Binance CEO Zhao says don't fight crypto, regulate it

Others Also Read