It comes as no surprise but remains worth noting, that criminal phishbait and pretexts for online scams closely track current events. The Wall Street Journal, having talked to a range of security companies, reports that US-election-themed spam remains high. And Tech Republic, citing Trustwave scanning of dark web souks, writes that COVID-19 is also a hot brand in the criminal markets. Phony COVID cures, counterfeit travel documents, and scam-call services are being pushed vigorously.
A study released this morning by Zscaler finds a close connection between a surge in ransomware and the continuing pandemic. The researchers are also observing a marked increase in malicious SSL traffic, suggesting that criminals are finding this form of encryption attractive as a way of avoiding inspection and detection. It’s not a foolproof way of evading defenses, but there may be some relaxed vigilance with respect to SSL.
Compal, the Taiwan-based computer manufacturer that’s the world’s second largest laptop maker, is said to have sustained a ransomware attack over the weekend. ZDNet, which sources the reports to media in Taiwan, also reports that a Compal executive denied any ransomware attack but did acknowledge an unspecified hacking incident. Apple, Acer, Lenovo, Dell, Toshiba, HP, and Fujitsu are among Compal’s customers.
Infosecurity Magazine reports that prices of a batch of RDP credentials belonging to some 7500 educational institutions have dropped in two Russophone criminal markets. Digital Shadows confirmed to the publication that the price fell last week from BTC 25 (roughly $387,000) to BTC 10 (about $155,300).