Cybercriminals cash in on users adjusting to a covidian world

ESET has released its Q2 2020 Threat Report, summarizing key statistics from ESET detection systems and highlighting notable examples of ESET’s cybersecurity research, including exclusive, previously unpublished ESET research updates.  

Threats related to the COVID-19 crisis defined the cybersecurity landscape in the second quarter of 2020, the Q2 2020 Threat Report shows.

“Our telemetry showed a continued influx of COVID-19 lures in web and email attacks, as well as an increase in attacks targeting Remote Desktop Protocol, with persistent attempts to establish RDP connections more than doubling since the beginning of the year,” comments Roman Kováč, ESET Chief Research Officer.

The ESET Q2 2020 Threat Report reviews the most important findings and achievements by ESET researchers. For example, they analyzed a ransomware operation targeting Android users in Canada under the guise of a COVID-19 tracing app. “We quickly put a halt to this operation and provided a decryptor for victims,” says Kováč.

Among many other findings, ESET researchers uncovered Operation In(ter)ception, which targeted high-profile aerospace and military companies; revealed the modus operandi of the elusive InvisiMole group; and dissected Ramsay, a cyberespionage toolkit targeting air-gapped networks.

Some exclusive research presented in the Q2 2020 Threat Report includes malicious Google Chrome extensions targeting hardware wallets for cryptocurrencies, a renewed targeted attack on a Hong Kong university by the Winnti Group, as well as further targeted attacks on high-profile defense- and military-focused companies in Brazil, Czech Republic, Qatar, Turkey, and Ukraine by the attackers behind Operation In(ter)ception.