have been seeing a growing volume of Coronavirus and COVID-19-themed
cyber attacks in the past month. In response, we have been working to
collect and curate a set of open-source intelligence around these
campaigns. We wanted to let you know that these resources are now
available to you.
has just released two key resources that you can access via ThreatStream:
- Anomali COVID-19 Campaign Threat Model
- Anomali has identified 15
distinct campaigns associated with 11 threat actors or groups
distributing 39 different malware families using 80 various MITRE
ATT&CK techniques to date, and this number will continue to
- Anomali COVID-19 Threat Bulletin
- The Anomali COVID-19 Threat
Bulletin provides both a narrative summarizing all COVID-19 related
attacks we have been tracking, and over 6,000 unique indicators of
compromise (IOCs) that can be acted upon immediately.
of the Threat Bulletin, all COVID-19-related IOCs have been tagged with
“COVID-19” and “Coronavirus.” The goal is to make it easy for you to
access and react to these evolving threats. Anomali customers can
automate threat response by enabling real-time defenses against these
attacks by synchronizing IOC’s into your security controls.
contact the Anomali COVID-19 team if you’d like any help with
this new threat intelligence.