13% of phishing attacks in Q1 were related to COVID-19

Positive Technologies’ latest cybersecurity threat report says that the number of cyberattacks in Q1 2020 was up by nearly a quarter compared to Q4 2019. Its experts found that:

  • the total number of attacks was up 22.5% compared to the last quarter of 2019
  • 13% of phishing attacks were related to COVID-19
  • 23 very active APT groups were targetting government agencies, industrial, financial and medical organisations
  • 34% of malware attack used ransomware
  • cybercriminals were using more than one type of malware, such as multifunctional trojans or injecting multiple types of malware into compromised devices.

“[Our] experts saw an increase in COVID-19 phishing emails from the second half of January,” comments Alexey Novikov, Director of PT Expert Security Center. “The pandemic situation was used both for mass malware campaigns and APT attacks.”

In Q1, Emotet, Remcos, AZORult, Agent Tesla, LokiBot, TrickBot, and many other trojans were distributed under the guise of official information about infection statistics, a vaccine, and prevention measures, allegedly coming from government authorities and medical institutions. Groups such as TA505, Hades, Mustang Panda, APT36, SongXY, and South Korean Higaisa also sent emails laced with malicious attachments related to the pandemic.

For these and other findings see Positive Technologies’ latest report on the cybersecurity threatscape.