North Korea’s Lazarus group is likely behind a planned coronavirus-related phishing campaign taking aim at more than 5 million businesses and people in the U.S. and five other countries June 21.

“The hacking campaign involved using phishing emails under the guise of local authorities in charge of dispensing government-funded Covid-19 support initiatives,” researchers at Cyfirma wrote in a blog post, describing a set of email templates aimed at accounts each country that they viewed. “These phishing emails are designed to drive recipients to fake websites where they will be deceived into divulging personal and financial information.”

The six countries targeted – India, Singapore, the U.S., the U.K., Japan and South Korea – share a common trait, the researchers said, explaining all “have announced significant fiscal support to individuals and businesses in their effort to stabilize their pandemic-ravaged economies.” Lazarus’s scheme is to impersonate government and other entities that oversee disbursing those funds.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.