LokiBot Rides Fear of Coronavirus

Share On Facebook
Share On Twitter
Share On Linkedin

Coronavirus has become one of the malicious deceptions of choice this month. During the first week of March, LokiBot infostealer joined the list of malware being distributed by threat actor(s) taking advantage of the fear and interest in the spread of Coronavirus (COVID-19). From 3 to 6 March, we observed two malicious spam (malspam) email campaigns distributing LokiBot under the guise of providing information on Coronavirus’ impact on supply chains.

LokiBot has become a popular information stealer that collects credentials and security tokens from infected machines. Its code was leaked soon after it was first seen in 2015, which made it easy to modify and sell.

To find out more detailed information about this emerging threat please download our report here: https://insights.infoblox.com/threat-intelligence-reports/threat-intelligence–62

Labels:

Infoblox Threat Intel

Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access give us a backstage pass to the internet's inner workings. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox DNS Detection and Response solutions, so customers automatically get the benefits of it, along with ridiculously low false positive rates.

View All Posts

You might also be interested in

You might also be interested in

×