Cyber Criminals Leverages Zoom for Attacks
With schools closing down and organizations implementing working from home to avoid the threat of the Coronavirus outbreak. Video communication platforms are becoming the daily norm. Of course as the usage of these platforms increases, cyber threat actors are keen to leverage this to their advantage.
One of the most commonly used video communication solution today is Zoom. Due to its growing popularity, cyber criminals has started registering domains that has "zoom" in its name. According to a research done by
Checkpoint Security. More than 1700 new domains have been registered since the beginning of the year and 25 per cent of them have been registered in the past week. Four per cent of those registered domains were found to contain suspicious characteristics. Zoom, however, is not the only application that cyber criminals are targeting. New phishing websites have been established for many of the leading communications applications, including the official classroom.google.com website, which has been impersonated by googloclassroom\.com and googieclassroom\.com.
|
Image from Checkpoint Research Blog |
In addition, researchers have detected malicious files with names such as "zoom-us-zoom # # # # # # # # # # # # # # .exe" and "microsoft-teams V#mu#################.exe" (# representing different digits). Running these files would lead to the installation of the notorious InstallCore PUA on the victim's computer, which may potentially lead to further malicious software installation.
As a reminder to all of us, be cautious of emails and files obtained from unknown senders, particularly if they give special offers or discounts. Don't open unrecognized attachments or click links inside emails and lastly, Beware of lookalike-domains, spelling errors in emails and blogs, and unknown email senders.
Check out there full write up
here
No comments:
Post a Comment