Information Security News mailing list archives
Hackers spoof SBA to try to compromise companies' computers
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 28 Apr 2020 05:33:01 +0000 (UTC)
https://www.cyberscoop.com/small-business-administration-spoof-ibm-coronavirus/ By Sean Lyngaas CYBERSCOOP April 27, 2020With the U.S. Small Business Administration continuing to play a high-profile role in getting cash to companies that are struggling because of the coronavirus pandemic, cybercriminals are stepping up their efforts to steal money from those very firms.
Research published Monday by IBM’s incident response team shows that attackers are spoofing the SBA in emails to try to install a remote hacking tool capable of stealing passwords and accessing webcams. They are exploiting attention on a nascent SBA program that offers up to $10 million in lending per business.
If an unsuspecting recipient opens the emails found by IBM, a data-stealing remote access trojan (RAT) known as Remcos can take control of the person’s computer. It is another example of how, as U.S. agencies have opened their spigots to provide hundreds of billion of dollars in relief to American businesses during the pandemic, cybercriminals have looked to pounce.
The hackers are “exploiting the reliance of … small businesses on digital updates to obtain guidance on how to receive federal aid,” the researchers wrote in a blog.
[...]
-- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- Hackers spoof SBA to try to compromise companies' computers InfoSec News (Apr 27)