Check Point analysts reported that hackers are actively exploiting the BLM (Black Lives Matter) theme for attacks and noted increase in the activity of cybercriminals, connecting it with weakening of the isolation regime.
In June, the average number of attacks per week increased by 18% compared to May of this year. It is noted that the number of cyberattacks related to the theme of coronavirus decreased by 24% compared with the previous month.
“The number of phishing attacks related to COVID-19 is significantly higher in those regions where the self-isolation mode has not been canceled. For example, in Europe and North America, where business is returning to normal, there is a sharp decrease in the number of attacks associated with coronavirus”, – write the researchers.
At the same time, countries in Latin America and Africa that are still struggling with the epidemic are suffering from frequent attacks involving COVID-19.
Despite the fact that the number of “coronavirus” attacks is decreasing, fraudsters use other media topics for their malicious campaigns. A striking example of this is the global protests associated with the Black Lives Matter (BLM) movement.
In early June, when the protests peaked, Check Point researchers discovered spreading of spam campaigns related to BLM.
Attackers attached to their letters a text document with the following topics: “Leave a review anonymously about Black Lives Matter” and “Vote anonymously about Black Lives Matter”. In each of these files, was hidden the Trickbot banking trojan.
“If you receive a letter from an unknown sender, be careful. By opening an attachment or clicking on the link inside, you can automatically download a malicious file. We are now seeing a trend towards phishing attacks with the use of domain names, such as Microsoft Office 365. They are less likely to reach a potential victim. Despite the fact that the self-isolation regime in some regions is waning, the number of cyberattacks will only grow in the nearest future. The coronavirus pandemic has become the catalyst for another global process – cyber pandemic”, — said Check Point Software Technologies.
According to Check Point, the number of weekly attacks increased in June by 18% compared with the average in May. However, the number of coronavirus-related attacks is declining. So, in the first week of June were recorded 129,796 attacks, which is 24% less than in May. It is noted that in the first two weeks of June, were registered 2451 new domains associated with coronavirus. Of these, 4% (91) were considered malicious and 3% (66) – suspicious.
As we said, in connection with the protests, GitHub will replace the term “master” with a more neutral one.