Attackers are using this time of crisis to go after victims with targeted campaigns. The biggest threats are phishing attacks related to COVID-19. Attackers are also setting up COVID-19-related domain names and enticing people to click on them.
Anomali recently released a report that identified at least 15 distinct COVID-19-related campaigns associated with 11 threat actors distributing 39 different malware families and employing 80 MITRE ATT&CK techniques. In January, the attacks typically were malicious emails that appeared to be notifications from welfare providers and public health sectors. In February, the attacks shifted to include remote access trojans (RATS). CheckPoint reported in March an increase of fraudulent COVID-19-themed domains. In mid-March, researchers noted that attackers were mimicking the Johns Hopkins coronavirus map.