BTC USD 98,150.4 Gold USD 2,691.18
Time now: Jun 1, 12:00 AM

Hati-hati! Malware dari penggodam berunsur koronavirus

Ms Senorita

Active Member
Messages
1,640
Joined
Mar 31, 2014
Messages
1,640
Reaction score
326
Points
41
New York (CNN Business) Penjenayah kini cuba mengeksploitasi kebimbangan orang ramai mengenai situasi wabak koronavirus dengan cuba menggodam akaun e-mel, media sosial, dan perbankan, pakar keselamatan siber memberi amaran.

Penggodam akan menghantar e-mel dengan cara memberikan maklumat mengenai coronavirus, tetapi ia sebenarnya bertujuan untuk menipu orang ramai supaya memberikan kata laluan mereka, menurut pakar-pakar di firma perisikan ancaman siber terkemuka FireEye berkata pada Khamis. Ada juga mengandungi malware yang boleh mengakibatkan komputer mangsa dikawal oleh penggodam.

"Kami mendapati pelaku mahu mendapatkan wang dengan menggunakan situasi wabak koronavirus melalui pelbagai cara, berikutan dari peningkatan jumlah mangsa yang agak dramatik dari bulan ke bulan sejak Januari hingga hari ini," kata FireEye dalam ucapan ringkas yang disediakan untuk pihak media dan telah dikongsi bersama CNN Business.

Ben Read, Pengurus Kanan, analisis perisikan siber di FireEye menjelaskan bahawa, penggodam kerap mengeksploitasi krisis dan berita-berita lain yang mungkin membuatkan orang ramai bimbang tentang bahayanya. "Ia adalah taktik yang sama tetapi dengan cara yang berbeza," katanya.

Tetapi jarang sekali berlaku situasi/keadaan yang menarik minat dan perhatian global seperti koronavirus, katanya. Hasil dari keadaan itu, penggodam akan memberi fokus kepada pandemik. E-mel merupakan cara komunikasi yang penting, penyedia perkhidmatan, pejabat kerajaan dan sekolah menggunakannya untuk berkongsi maklumat tentang langkah keselamatan, penutupan serta apa-apa perubahan yang berlaku. Penggodam akan mengambil kesempatan cuba meniru mesej tersebut, kata Read.

FireEye memberikan butiran mengenai emel berunsur penipuan itu yang bertajuk : "D-19 Segalanya yang perlu anda ketahui."

E-mel itu berunsur penipuan yang mengandungi pautan kepada dokumen FAQ coronavirus (COVID-19-FAQ).

"Sekiranya anda menerima e-mel seperti itu dari WHO (Organisasi Kesihatan Sedunia) dan biasanya anda tidak menerima e-mel dari WHO, anda perlu mengambil langkah berhati-hati," kata Read.


=============================================================

Cybercriminals are trying to cash in on the coronavirus, experts warn

New York (CNN Business)Criminals are exploiting the public's fears about the coronavirus to try to break into their email, social media, and banking accounts, cybersecurity experts have warned.

Hackers are sending emails purporting to provide information about the coronavirus but are designed to trick people into handing over their passwords, experts at the leading cyber threat intelligence firm FireEye said Thursday. Some even contain malware that could take over a victim's computer.

"We've seen financially motivated actors using coronavirus themed phishing in many campaigns, with dramatic month-over-month volume increases from January through to today," FireEye said in a brief prepared for media and shared with CNN Business.

Ben Read, senior manager, cyber espionage analysis at FireEye, explained that hackers regularly exploit crises and other news events that people might be concerned about in attacks. "It's the same tactic with a different coat of paint," he said.

But rarely does an event garner so much shared global interest and concern as the coronavirus, he said. As a result hackers have particularly focused on the pandemic. Email has been an important mode of communication, with service providers, government offices and schools using it to share information about safety measures, closures and other changes. Hackers, in turn, may try to mimic those messages, Read said.

FireEye provided details of what it said was a malicious email that had the subject line "D-19 Everything you need to know."

The email contained a malicious link to a coronavirus FAQ document.

He advised people to take the same standard steps they should always take like exercising caution before clicking on links in emails and to be wary of any emails or messages that you aren't expecting.

"If you get an email that looks like it is from the WHO (World Health Organization) and you don't normally get emails from the WHO, you should be cautious," Read said.

Sumber : CNN
 
Last edited:
Sponsored Post

Cyberattack hits US health department amid coronavirus crisis

608358.jpg


The US Department of Health and Human Services, a key part of the federal response to the fast-spreading coronavirus outbreak, was hit by an unspecified "cyber incident" on March 15, officials said on March 16.

HHS Secretary Alex Azar said there was "no data breach”. US National Security Council spokesman John Ullyot said HHS networks "are functioning normally at this time" and that officials are investigating the matter.

Department spokeswoman Caitlin Oakley said there was a "significant increase in activity on HHS cyber infrastructure" on March 15 but that HHS was "fully operational”.

Neither Ullyot nor Oakley gave other details as to the nature of the problem. Bloomberg News, citing unnamed sources, said there had been multiple hacking incidents that appeared aimed at slowing the department's systems.

On Twitter, a Bloomberg reporter said the incident involved "overloading the HHS servers with millions of hits" – an apparent reference to a denial-of-service in which a fire hose of digital traffic is directed toward a website in a bid to knock it offline.

Such incidents are common and rarely bring down government sites. The department website appeared to be accessible on March 16.

Bloomberg tied the incident to the release of a statement by the US National Security Council just before midnight on March 15 that denied rumours of a national quarantine, saying that text messages suggesting otherwise were fake. "There is no national lockdown," said the statement, which was posted to Twitter.

It is not immediately clear how the denial of service would have been related to the fake quarantine rumours.

Reacting to the report, Senator Ben Sasse of Nebraska said that Americans "should expect an increase in cyberattacks and stay vigilant" as the nation increasingly becomes absorbed in the fight against the virus. – Reuters

Sumber : The Star
 
Mass move to work from home in coronavirus crisis creates opening for hackers -cyber experts

Workforce-Aging-1_pexels.com_.jpg


TEL AVIV/WASHINGTON (March 19): As people disperse to their homes to work and study because of the coronavirus pandemic, taking their laptops and company data with them, cyber security experts say hackers will follow, seeking to take advantage and infiltrate corporations.

Government officials in the United States, Britain and elsewhere have issued warnings about the dangers of a newly remote workforce, while tech companies are seeing surges in requests to help secure out-of-office employees. At Cisco Systems Inc, for example, the number of requests for security support to support remote workforces have jumped 10-fold in the last few weeks.

"People who have never worked from home before are trying to do it and they are trying to do it at scale," said Wendy Nather, a senior advisor with Cisco’s Duo Security who has spent the past decade working from home for various jobs.

She said the sudden transition would mean more scope for mistakes, more strain on information technology staff, and more opportunity for cyber criminals hoping to trick employees into forking over their passwords.

Criminals are dressing up password-stealing messages and malicious software as coronavirus-themed alerts, warnings, or apps.

Some researchers have found hackers masquerading as the U.S. Centers for Disease Control and Prevention in a bid to break into emails or swindle users out of bitcoin, while others have spotted hackers using a malicious virus-themed app to hijack Android phones.

Advanced cyber spies also appear to be exploiting the coronavirus outbreak that has infected https://tmsnrt.rs/3aIRuz7 more than 210,000 people and killed 8,700 worldwide.

Last week researchers at Israeli company Check Point discovered suspected state-backed hackers using a booby-trapped coronavirus update to try to break into an unidentified Mongolian government network.

On Friday U.S. cyber security officials released an advisory warning companies to update their Virtual Private Networks (VPNs) and be on guard against a surge of malicious emails aimed at an already disoriented workforce. On Tuesday, Britain’s National Cyber Security Centre issued a six-page leaflet for businesses managing remote employees.

Cyber criminals are alert to the work from home trend "and they are doing what they can to use it to infiltrate into organizations," said Esti Peshin, head of the cyber division at state-owned Israel Aerospace Industries, Israel’s largest defense contractor.
The opportunities for hackers are manifold.

Many workers are moving their employers’ data from professionally managed corporate networks to home WiFi setups protected with basic passwords. Some organizations are loosening restrictions to allow employers to access work-critical information from their bedrooms or home offices.

Working from home might expose employees to lower-tech threats too, including theft or loss of electronic equipment or plain human error by employees adjusting to a new environment.

Cisco's Nather said the new population of work-from-home employees might also be a boon for tech support scammers, impersonators who pretend to be trying to fix an IT problem in an effort to gain control of a target’s computer.

Israel's Peshin said that networks used by school children and college students were also at risk as they are forced to take classes online from home because their institutions have been shuttered in the crisis.

"Remote learning sites tend to be not encrypted and insecure," Peshin said, calling them "very ripe grounds for cyberattacks against children."

Sumber : the edge markets
 
Sponsored Post

CG Sponsors




Back
Top
Log in Register