https://www.cyberscoop.com/small-business-administration-spoof-ibm-coronavirus/
By Sean Lyngaas
CYBERSCOOP
April 27, 2020
With the U.S. Small Business Administration continuing to play a high-profile
role in getting cash to companies that are struggling because of the
coronavirus pandemic, cybercriminals are stepping up their efforts to steal
money from those very firms.
Research published Monday by IBM’s incident response team shows that attackers
are spoofing the SBA in emails to try to install a remote hacking tool capable
of stealing passwords and accessing webcams. They are exploiting attention on a
nascent SBA program that offers up to $10 million in lending per business.
If an unsuspecting recipient opens the emails found by IBM, a data-stealing
remote access trojan (RAT) known as Remcos can take control of the person’s
computer. It is another example of how, as U.S. agencies have opened their
spigots to provide hundreds of billion of dollars in relief to American
businesses during the pandemic, cybercriminals have looked to pounce.
The hackers are “exploiting the reliance of … small businesses on digital
updates to obtain guidance on how to receive federal aid,” the researchers
wrote in a blog.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
