Coronavirus has become one of the malicious deceptions of choice this month. During the first week of March, LokiBot infostealer joined the list of malware being distributed by threat actor(s) taking advantage of the fear and interest in the spread of Coronavirus (COVID-19). From 3 to 6 March, we observed two malicious spam (malspam) email campaigns distributing LokiBot under the guise of providing information on Coronavirus’ impact on supply chains.
LokiBot has become a popular information stealer that collects credentials and security tokens from infected machines. Its code was leaked soon after it was first seen in 2015, which made it easy to modify and sell.
To find out more detailed information about this emerging threat please download our report here: https://insights.infoblox.com/threat-intelligence-reports/threat-intelligence–62