Catching Cybercriminals Exploiting the Pandemic
Since the initial outbreak of COVID-19, cybercriminals have since found many ways to take advantage of anxious and fearful users. There have been reports of TrickBot campaigns, Ryuk ransomware targeting hospitals, and hackers hijacking routers’ DNS to spread malicious COVID-19 Apps. The DomainTools Security Research Team recently discovered a website luring users into downloading an Android application under the guise of a COVID-19 heat map.
Alongside the devastation of the pandemic, and opportunistic threat actors, we have seen both security organizations, vendors, and individuals do everything they can to minimize additional hardship. We thank them for their ongoing work and dedication. In an effort to support making the Internet a safer place, we have provided a free, curated list of high-risk COVID-19 related domains.
This webinar will demonstrate how to proactively identify these types of campaigns and provide defenders with strategies to keep themselves, their families, and organization safe. Join Senior Security Researcher, Chad Anderson and Senior Security Engineer & Malware Researcher, Tarik Saleh to walk through the entire process of identifying a nefarious domain, mapping connected infrastructure, and reverse-engineering a ransomware attack.
In this webinar you will learn how:
- The DomainTools Security Research Team initially discovered the website luring users into downloading a nefarious Android Application
- Mapping connected infrastructure led to additional IoCs and attribution
- Security Researchers conducted ransomware analysis and reverse-engineered the decryption key
- To proactively identify these campaigns and stay a step ahead of threat actors