Threat group TA505 behind Locky ransomware and Dridex banking Trojan has now resurfaced with their campaign of malicious Covid-19 attachments via phishing emails to lure users to click on the malicious links which supposedly will aware them of the updates regarding the pandemic of Corona virus. The campaign has emerged at a very crucial time when the people around the world have their eyes on the possible vaccine or any other treatment in these trying times. Once delivered, attackers can then download additional types of malware including banking Trojans and ransomware. TA505 is known as one of the most significant financially motivated threat actors due to the extraordinary volumes of messages they send.
COVID-19 Everything you need to know