Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer

Researchers have discovered threat actors once again capitalizing on the COVID-19 pandemic and current attention on the World Health Organization (WHO) with a new spearphishing email designed to spread the LokiBot trojan sent using the WHO trademark as a lure.

Researchers at FortiGuard Labs on March 27 first observed the malicious COVID-19-themed scam, which claims to be from the WHO and attempts to address misinformation related to the pandemic to convince users it’s authentic. Instead, it sends an attachment that unleashes the infostealer LokiBot if downloaded and executed, according to a blog post published Thursday by threat analyst Val Saengphaibul.

Read more…
Source: ThreatPost