A study by Cyfirma, the cybersecurity vendor, has revealed that North Korean hackers are reportedly preparing a massive phishing campaign to take advantage of the COVID-19 crisis, which will be launched on June 21 by the hacker group, Lazarus. The campaign will allegedly target six nations and over 5 million businesses and individuals.
On June 18, it has been reported Lazarus will subject Singapore, Japan, India, the United Kingdom, South Korea, and the United States to a massive phishing campaign.
However, hackers will reportedly attempt to take advantage of people receiving payments established by several countries in an attempt to mitigate the COVID-19 crisis.
The report said that Lazarus seems to be impersonating government accounts using fake e-mails. They ask recipients to visit fraudulent websites that ask for money and save their personal data.
In the past, the North Korean hackers have preferred to be paid in cryptocurrencies, as there are no additional details about the specific methods Lazarus group will use to gather money from their victims.
A Cyfirma’s spokesperson said:
“On June 1, the platform picked up an early indicator from Korean-speaking community discussing a folder called ‘Health-Problem-2020’ and that was when we uncovered the entire campaign targeting the USA, UK, Japan, South Korea, India and Singapore. This global phishing campaign is well-planned across all fronts, leveraging social engineering to lure individuals and businesses into divulging personal and financial information. Citizens and business owners are in desperate need of these government fiscal support packages and chances of them falling prey to this phishing attack is very high.”
Cyfirma clarified that they have not yet seen URLs for the phishing sites found in the e-mail templates gathered during their research, but expect that such information will be revealed soon.
Thus, they also stated that the governments of the targeted countries have been warned about the upcoming Lazarus campaign.