New Threat Research: Analyzing CryptoJS Encrypted Phishing Attempt 

Read Threat Research


Indian Government Officials Target in COVID-19 Phishing Scam

A COVID-19 related phishing campaign has been targeting Indian government officials via Whatsapp, text, and email. Those who received SMS messages were being asked to provide a vaccination record on a cloned site, but they first had to enter their email address and password. The messages users were receiving stated “as per directives of the Ministry of Health and Family Welfare (MoHFW), Confirm your COVID status on and generate your vaccination certificate.” Other officials received phone calls from someone claiming to be from the Army hospital stating that they needed officials to update their vaccination status via a link being sent over Whatsapp. A defense ministry official received a Google Drive link via email as well that was asking for information regarding post-vaccination measures. Due to the pandemic still causing a majority of Indian officials to work from home, it is likely more COVID-19 related scams will be seen.

Analyst Notes

Those who receive messages like the ones mentioned above are advised not to open them, or at least don’t click on links and enter passwords until they can be verified with a trusted source. It’s best to have Multi-Factor Authentication (MFA) required to prevent a stolen password from being the one mistake that lets an attacker have full control of a sensitive account or VPN. In the event an attack does result from phishing attempts, it is always good to have protective measures in place such as the Binary Defense Security Operations Center. Dedicated analysts provide 24/7 monitoring solutions of SIEM and endpoint detection systems to detect and defend from intrusions on an organization’s network.