infostealer

CoronaVirus ransomware and infostealer attack

At the moment, scammers are trying to cash in by sending out emails that promise pandemic relief money. The emails impersonate official entities such as the U.S. Federal Reserve or other official institutions. With subject lines like “Receive Payment” or “Relief Payment Form”, anxious users are motivated to click on a link that redirects to a phishing website, which tries to steal personal information or online banking credentials. Other email variants use these stimulus bills as bait to deliver a password protected “COVID 19 Relief.doc” document that contains a financial trojan or ransomware.

And we still see waves of classic COVID-19 themed malware threats making the rounds. One such threat example that we came across recently dropped a combination of ransomware and infostealer malware.