A new phishing campaign targeting U.S. users is trying to
deploy Remcos, a powerful trojan that allows an attacker to gain full control
of a victim’s computer, according to research from Microsoft Security
A multitude of phishing and spam campaigns directly
related to the situation created by the COVID-19 pandemic are active right now.
Bad actors try different approaches in their efforts to trick people into
sharing credentials or downloading malware.
With the economy directly affected by the pandemic,
people pay more attention to emails pretending to offer solutions, loans and
other types of financial support. Another effective approach is to scare people
with threats of account closures or company furloughs.
In this new campaign, the attackers are not interested in
phishing, but in deploying Remcos malware. If successfully deployed, the
malware can be used to steal credentials, control the PC remotely or even transform
the PC into a bot.
“We’re seeing pockets of Remcos campaigns targeting
specific sectors using various COVID-19 themed lures and atypical email
attachments,” said the Microsoft team on Twitter.
“Unlike more prominent malware, Remcos campaigns appear to be limited and
short-lived, an attempt to fly under the radar.”
In one message, the attackers pretended to represent the
US Small Business Administration, offering small businesses disaster loans. The
message contained an IMG file, which Windows mounts as a disk image. The only
file inside was an executable that deployed Remcos if run.
In a similar message, the attached file had a misleading
PDF icon, but was still an executable. In a third example, the message was
titled “COVID-19 related updates” and was directed at the members of the
American Institute of CPAs.
Among these messages, one was designed for South Korean
users and sought to impersonate the CDC’s Health Alert Network (HAN).
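
The two delivery tricks described above (an executable carried inside an IMG attachment, and an executable dressed up as a PDF) can be checked for at the mail gateway or during triage. The following is an added example, not code from Microsoft or Bitdefender. The extension lists, the reason strings, the file names and the inert sample message are all assumptions made for illustration, and the `.iso` entry and the double-extension check go beyond the cases the article names.

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

DISK_IMAGE_EXTS = {".img", ".iso"}   # article mentions IMG; .iso is an added generalization
EXECUTABLE_EXTS = {".exe", ".scr", ".com"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx"}
DOS_STUB = b"This program cannot be run in DOS mode"  # text found in most PE headers

def triage_attachments(raw: bytes) -> dict:
    """Map each suspicious attachment name to the reasons it needs review."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = (part.get_filename() or "unnamed").lower()
        suffixes = PurePosixPath(name).suffixes
        last = suffixes[-1] if suffixes else ""
        data = part.get_payload(decode=True) or b""
        reasons = []
        if last in DISK_IMAGE_EXTS:
            reasons.append("disk-image attachment")
            # Files are typically stored uncompressed in an image, so a PE stub is visible.
            if DOS_STUB in data:
                reasons.append("executable inside image")
        if data[:2] == b"MZ" and last not in EXECUTABLE_EXTS:
            reasons.append("PE content under non-executable name")
        if last in EXECUTABLE_EXTS and len(suffixes) > 1 and suffixes[-2] in DECOY_EXTS:
            reasons.append("document-style double extension")
        if reasons:
            findings[name] = reasons
    return findings

def build_sample() -> bytes:
    """Constructed test message; payloads are inert bytes, not real samples."""
    msg = EmailMessage()
    msg["Subject"] = "constructed test message"
    msg.set_content("See attached.")
    fake_pe = b"MZ" + b"\x00" * 62 + DOS_STUB
    for payload, name in [(b"\x00" * 2048 + fake_pe, "loan_form.img"),
                          (fake_pe, "updates.pdf"),
                          (fake_pe, "report.pdf.exe"),
                          (b"%PDF-1.4\n", "notice.pdf")]:
        msg.add_attachment(payload, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reasons in triage_attachments(build_sample()).items():
        print(name, "->", ", ".join(reasons))
```

The content checks matter more than the name checks: an icon is a resource embedded in the executable, so only the file's bytes reveal what it is.
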
As usual, the best practice is never to open emails or attachments from unknown sources, and always make sure to have a security solution installed on the PC.