Nigerian cybercriminal actors are shamelessly exploiting the COVID-19 pandemic to infect government health care agencies, academic medical programs, medical publishing firms and more with malware, largely for the purpose of conducting Business Email Compromise operations.

In a company blog post, researchers with Palo Alto Networks' Unit 42 threat intelligence team have reported observing three prominent actors launch a total of 10 coronavirus-themed BEC phishing campaigns between January 30 to April 30. Local utilities and utilities have also been among the targets of these scammers, whom collected Unit 42 refers to as SilverTerrier.

Unit 42 has tied eight campaigns directly or indirectly one single Nigerian actor who has used a variety of phishing email content disguised as official COVID-19 updates and information to distribute the remote access trojans/spyware Agent Tesla and NanoCore, and the LokiBot information stealer.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.