Email Security against network attacks take advantage of disaster news
APT Attack Hackers related to the governments of China, North Korea, and Russia were arrested using Email Phishing to broadcast COVID-19 and infect malware (malicious code) on victims’ computers, from which hacked. Public Email systems of other countries.
APT hackers of these countries will not miss the opportunity to attack the network by taking advantage of global coronavirus pandemic news as bait. The hackers are trying to inject malicious code on victims’ computers, then gain access to the enterprise’s network infrastructure through the Company Email system. So Email Security is always the first task of every business.
In the first weeks of March 2020, cybersecurity experts discovered that state-sponsored hackers from China, North Korea, and Russia were conducting campaigns to attack user emails with malicious malware.
The hackers attack Business Email through the news of the Covid-19 pandemic is not new for some people who are monitoring and managing Email Security and network security for businesses.
The Cyberspies (cyberspies) did not miss any information on the mass fires. From the terrorist attack in Paris in November 2015 to the suppression of Uyghur people in China, … state-sponsored Hacker groups always know how to create good opportunities to attack Business Email and gain Get the maximum results.
Dramatic disasters on a large scale are always great conditions for Hacker’s cyberattack campaigns to be most successful.
Email Security from the Russia Hacker
The first group of state-sponsored hackers took advantage of the coronavirus news called “Hades”, which is known to be based in Russia and specifically related to the APT28 attack - led by the “Fancy Bear” Hacker group. ”Done before. The “Fancy Bear” group also hacked into DNC (Democratic National Convention) in 2016.
According to a cybersecurity company, “Hacker Hades” also carried out a cyber attacking campaign in mid-February 2020 when they hid a “C # backdoor trojan” in decoy document files that lured the latest news about COVID. -19.
Malware Emails are distributed to Business Email users in Ukraine, they are masquerading as emails from the Community Health Center of Ukraine Ministry of Health.
Victims using Business Emails targeted by hackers often receive fake emails that falsify the actual disease situation. They often exaggerate the problem, the purpose of confusing the victim and easily letting their guard down with the script traps built into Email Phishing.
Step 1: The “Hacker Hades” will simultaneously send the Spam Email giving “latest news about coronavirus” across Ukraine.
Step 2: The “latest news on coronavirus” will be spread on social networks to make victims more confident about the serious news about the COVID-19 epidemic.
According to a report from BuzzFeed News (USA), that these Spam emails contain Malware that attacks Business Email users and they also receive great support from the information deliberately hacked by hackers. created, in order to create an extremely controversial controversy on the social network community in Ukraine.
Specifically, the information “Hacker Hades” misrepresented as follows:
“In a city of Ukraine, people have isolated the hospital systems, the interior, and exterior of the country, with the purpose of completely separating foreign patients from carrying Covid-19 disease to the country. Ukraine ”.
The incident was escalated with many rumors in the online community, which hackers deliberately seeded in the direction they wanted, in order to cause panic for all Ukrainians about the false information about the epidemic. sick.
From there, the Spam emails have the opportunity to open more, and successfully activate the Malware to invade the Business Email system.
Email Security from the North Korea Hacker
Hacker groups taking advantage of the next Covid-19 news was discovered from North Korea in late February 2020. Although their tricks are considered less sophisticated than the “Hacker Hades” that once targeted the nation of Ukraine.
According to the information posted on the Twitter website of a South Korean cybersecurity company, IssueMakersLab. IssueMakersLab has announced that hackers are carrying out “Malware BabyShark” infection campaigns with Phishing Emails to user email systems in government organizations in South Korea.
BabyShark is a dangerous malware that has been used before by a group of Korean hackers called “Hacker Kimsuky”.
Specifically, Hackers create fake Domain Name Email Accounts to send Malware Email Phishing to internal government email users about the documents: “details of the Korean response to the Covid-19 epidemic”.
Email Security from the China Hacker
According to cybersecurity experts, most of the coronavirus reported cyberattacks that have taken place over the past two weeks have come from China.
Everyone knows that China is the country with the largest number of coronavirus infections and deaths in the world. It will not be a surprise to the world that the number of cases and deaths in China keeps increasing. But if the information goes that “China has managed to contain the disease in its country” then this is the No. 1 news in the world. Grasping that mentality, Chinese hackers have made it the perfect and most successful cyberattack.
1. Email Security in Vietnam
Hacker group APT detection named ”Mustang Panda”
A cybersecurity company in Vietnam has just announced the discovery of a cyber attack on Vietnam from early March 2020.
The APT Hacker Group was discovered as “Mustang Panda” which is a hacker backed by the Chinese government.
Initially, hackers also sent Spam emails to Business Email accounts in Vietnam.
The content of the scam script revolves around news such as “announcement of coronavirus outbreak from Prime Minister Nguyen Xuan Phuc”. Attached to the Email Spam is the malware with a compressed.Rar file attached.
Specifically, the hackers installed the “Basic Backdoor Trojan” on the victim’s computers downloaded the email attachment and extracted this .Rar file.
2. Email Security in Mongolia
A cybersecurity research center said it had tracked a Chinese hacker group called “Vicy Panda”. This group has targeted government organizations in Mongolia with informational materials related to the new incidence of coronavirus infection.
Hotline: (028) 7306 8789