Reports indicate that there has been a global increase in malicious cyber activity related to COVID-19. Bad actors are preying on fear and attempting to profit from it. Among these attacks were targeted email phishing attempts against US-based medical providers. These attempts leveraged email subject lines and content related to COVID-19 to distribute malicious attachments, which exploited Microsoft Word Document files, 7-zip compressed files, Microsoft Visual Basic Script, Java, and Microsoft Executables.
The FBI is providing indicators of compromise related to these phishing attempts to assist network defenders in protecting their environments. Additionally, the FBI is providing the attached list of hashes related to additional COVID-19 phishing. APCO is passing this information along to ensure that our members have the latest tools available to defend against this threat. Please share this information with your IT departments, vendors, and service providers as you see fit.