CyberNews Briefs

Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer

A new spear-phishing attack using the World Health Organization (WHO) trademark to lure users has been discovered by researchers at FortiGaurd Labs. The researchers first observed the COVID-19 themed scam on March 27, reporting that threat actors have created a new spearphishing email campaign that spreads the LokiBot trojan. The email claims to be from WHO and states that it addresses misinformation related to the pandemic in the email.

However, the email instead contains a malicious attachment that installs the LokiBot information-stealing trojan on the victim’s device. Although the message, which is written in English, has some legitimate characteristics, it is clear that the cybercriminals who wrote it do not speak English as a first language due to some obvious grammatical issues.

Read More: Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.