• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Omicron Scam Targets Universities

You are here: Home / General Cyber Security News / Omicron Scam Targets Universities
December 7, 2021

Dozens of universities are currently being hit with a coordinated cyber-attack that works by using information of the Omicron variant as a lure to steal login credentials.

Evidence of the destructive phishing campaigns was dredged up from the murky depths of the cyber-felony underworld by scientists at the cybersecurity firm Proofpoint.

The universities targeted are generally based in North The united states and consist of the University of Central Missouri in Warrensburg, Missouri, and Vanderbilt University, a non-public study university in Nashville, Tennessee. 

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Researchers found the phishing emails to be commonly themed about tests facts and the latest in the line of COVID-19 variants to be discovered. One particular email matter line utilised by the attackers was “Attention Needed – Info Concerning COVID-19 Omicron Variant – November 29.”

“Proofpoint noticed COVID-19 themes impacting instruction establishments through the pandemic, but consistent, targeted credential theft campaigns making use of these kinds of lures concentrating on universities started in Oct 2021,” observed researchers.

“Adhering to the announcement of the new Omicron variant in late November, the menace actors commenced leveraging the new variant in credential theft strategies.”

Within the phishing e-mails are attachments or URLs for internet pages developed to harvest credentials for college accounts. While some campaigns function generic Office environment 365 login portals, other folks contain landing webpages made to mimic the formal login portal of the focused university. 

To make their malicious e-mail tougher to detect, danger actors powering the strategies sometimes direct victims to a legitimate university interaction immediately after harvesting the qualifications. 

Strategies that rely on malicious attachments have leveraged respectable but compromised WordPress websites to host credential-gathering web internet pages, including hfbcbiblestudy[.]org/demo1/involves/jah/[university]/auth[.]php and traveloaid[.]com/css/js/[university]/auth[.]php.

In some campaigns, menace actors spoofed multi-factor authentication (MFA) suppliers these types of as Duo to steal MFA credentials.

“Stealing MFA tokens permits the attacker to bypass the next layer of security designed to keep out threat actors who already know a victim’s username and password,” wrote scientists.

Recipients of the malicious e-mail might not be equipped to notify they are becoming focused by cyber-criminals only by on the lookout at the sender’s handle.

Scientists wrote: “Though several messages are sent via spoofed senders, Proofpoint has observed danger actors leveraging genuine, compromised college accounts to send out COVID-19 themed threats.”   


Some sections of this report are sourced from:
www.infosecurity-journal.com

Previous Post: «windows 10 drive by rce triggered by default uri handler Windows 10 Drive-By RCE Triggered by Default URI Handler
Next Post: Brothers Confess to Conning Spanish-speaking Americans Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Microsoft Acknowledges Zero-Day, Follina Office Vulnerability, Suggests Fix
  • Magniber Ransomware Now Targets Windows 11 Machines
  • Latest Mobile Malware Report Suggests On-Device Fraud is on the Rise
  • EnemyBot Malware Targets Web Servers, CMS Tools and Android OS
  • ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats
  • Russian Killnet cyber attacks begin on Italian-linked businesses
  • Three BEC Suspects Arrested in “Killer Bee” Sting
  • Zscaler and Siemens team up to provide all-in-one digital transformation solution
  • UK Privacy Tsar: Stop Excessive Data Collection from Rape Victims
  • Turkish Airline Exposes Flight and Crew Info in 6.5TB Leak

Copyright © TheCyberSecurity.News, All Rights Reserved.