Cybercrime, COVID-19 themed malware exploit Cloud Environments

Palo Alto Networks: COVID-19 themed malware exploit Cloud Environments

Palo Alto Unit 42 cyber security experts have discovered that over 300 COVID-19-themed malware samples communicated with 20 unique IP address and domain indicators of compromise (IOCs). After querying Prisma Cloud for network connections to these 20 suspicious IOCs between March 1 and April 7, 2020, the researchers found a total of 453,074 unique network connections across 27 unique cloud environments. It is not clear whether each of the 27 identified organizations was in fact compromised with coronavirus-themed cybercrime code, as the researchers could not view the network traffic and did not receive the malware samples that initiated the observed connections. Nonetheless, these network connections should be considered highly suspicious because the destination endpoints have a documented history of malware operations.

