The COVID-19 pandemic has seen a spike in scams, phishing and malware across all platforms and attack vectors. The latest mid-year threat landscape report from Bitdefender shows that in May and June, an average of 60 percent of all received emails were fraudulent.
In addition there’s been a five-fold increase in the number of coronavirus-themed attacks and a 46 percent increase in attacks aimed at home IoT devices.
IoT malware has become versatile, robust, and is constantly updated. IrcFlu, Dark_Nexus7 and InterPLanetary Storm are some of the examples malware that gained in popularity during the first half of 2020.
Bitdefender researchers have found a DNS hijacking attack on a popular brand of home routers, used by attackers to redirect victims to malware-serving websites promising applications that offer new and up to date information about the pandemic outbreak.
Mobile malware has been quick to capitalize too, with malware developers rushing to weaponize popular applications, such as the Zoom video conferencing application, used by employees now working from home. Packing RAT (Remote Access Trojan) capabilities, or bundling them with ransomware, banking malware, or even highly aggressive adware, Android malware developers were also fully exploiting the pandemic wave.
Some legitimate Android developers even used the pandemic to tweak content on Google Play application webpages to gain better ranking, mostly for applications under the Health and Fitness or Medical categories.
The report's author's note, "A defining characteristic of the first half of 2020 in terms of threats and malware is that they all played on the same theme: the pandemic. A spike in scams, phishing and malware across all platforms and attack vectors seems to have been a direct result of cybercriminals leveraging issues related toCovid-19 to exploit fear and misinformation."