N Korean hackers may attack 20 lakh Indians with Covid-19 phishing emails, cyberthreats to follow
India is among six nations that could witness a major cyber attack from North Korean state hackers on June 21 in the form of a Covid-19 themed phishing campaign.
The attack is said to be a part of the large-scale campaign by the Lazarus Group targeting more than 50 lakh individuals and companies, including small and large enterprises, across six countries: India, Singapore, South Korea, Japan, the United Kingdom, and the United States, according to a ZDNet article on Friday.
Targeted email recipients are asked to visit fraudulent websites and reveal their personal and financial information.
Data of 11 lakh individual email IDs in Japan, another 20 lakh in India, and 180,000 business contacts in the UK were claimed by Lazarus' hackers.
The attack would include 8,000 organizations in Singapore where members of the Singapore Business Federation (SBF) were addressed with the business contacts highlighted in an email template, the report said.
Introduced by the Ministry of Trade and Industry in 2001, SBF is responsible for the promotion of businesses in Singapore and currently represents 27,200 companies.
Singapore companies received phishing emails from a spoofed account of the Ministry of Manpower, supposedly offering additional payouts for employees under the Covid-19 support packages of the government.
##Actions:
They have notified government CERTs (Computer Emergency Response Team) in Singapore, Japan, South Korea, India, and the USA, as well as the UK National Cyber Security Center, according to Cyfirma's founder and CEO Kumar Ritesh.
All six agencies had identified the warning and are currently investigating.
They have also tracked hacker activities related to the COVID-19 pandemic over the past six months, in particular with regard to hoax, phishing and scam campaigns
The Lazarus group is controlled by the Bureau of General Reconnaissance, the primary intelligence office in North Korea.
The activities of the Lazarus Group have been widely reported since it has been blamed for the 2014 cyber attack on Sony Pictures Entertainment and the 2017 WannaCry ransomware attack on countries like the US and UK.