Coronovirus Brings NanoCore Back from Dark Web
In December, we blogged about how easily accessible the NanoCore Rat was on the Dark Web, and how threat actors were using the malware to target manufacturing companies. These days, cybercriminals are using NanoCore and a handful of other malicious tools to focus on another, more generic target, paranoia surrounding a potential pandemic.
This month, cybercrooks have been spreading conspiracy theories and lies about the global Coronavirus outbreak to prey on the general public’s fears about the virus. According to Computer Weekly, this latest round of attacks using Coronavirus as bait not only includes Emotet and the AZORult information stealer, but also NanoCore and the AgentTesla keylogger, all of which can steal personal data.
Computer Weekly also reported while Coronavirus-related attacks once targeted companies operating in shipping and logistics, they have expanded to include energy, healthcare, construction, education, industrial and manufacturing.
There are three phishing attacks to watch for specifically:
- One attack sends an email utilizing e-document website DocuSign. This attack claims a vaccine and cure have been developed, but they have been covered up by the U.S. and Chinese governments. The email claims the recipient can click a link to access the vaccine and cure, but it directs them instead to a malicious website.
- Another attack disguises itself as an email from the president at a targeted company. The message will contain a Microsoft Word attachment with an embedded URL that takes victims to a fake Microsoft Office website where they are asked for their credentials. The link then redirects them to the genuine World Health Organization.
- NanoCore is being used in an attack throughout Germany that attempts to appeal to concerns around factory shutdowns by pretending to be updates from suppliers. In reality, it lures targets into installing the NanoCore remote access trojan (Rat), giving cybercriminals full control over their system.
Cybercriminals can hide from you, but they can’t hide from 2W Tech. 2W Tech is a full-service IT Consulting firm that specializes in the manufacturing industry and has IT Consultants on staff that are experts in security solutions. Give us a call today to learn more about making sure your business and employees are protected from the dangers and hackers lurking in the Dark Web.