Prolific hacking group APT41 exploited COVID-19 fears

BlackBerry’s Research & Intelligence team has revealed a state-sponsored campaign that looks to exploit people’s hopes for a swift end to the pandemic in a bid to entrap its victims.  Once on a user’s machine, the threat blends into the digital woodwork by using its own customised profile to hide its network traffic.

Connecting the dots between seemingly disparate malware campaigns, BlackBerry has been able to link prolific Chinese cyber threat group, APT41, to the campaign.

It shows that the group has exploited Cobalt Strike software using a bespoke Malleable C2 Profile – the group uses publicly available profiles designed to look like legitimate network traffic from Amazon, Gmail, OneDrive and others. This tactic was first used in a blog post, published the same month as COVID-19 lockdowns began in Europe and the US.

Techniques include phishing lures targeting victims in India, containing information related to new tax legislation and COVID-19 statistics. These messages masqueraded as being from Indian government entities.

APT41 has led malware campaigns related to financially motivated criminal activity and espionage dating as far back as 2012. This group has targeted organisations globally across a number of sectors travel including healthcare, news, education and telecoms.

These findings show that the APT41 group is still regularly conducting new campaigns, and that they will likely continue to do so in the future.

 

To stay up to date on the latest, trends, innovations, people news and company updates within the global security market please register to receive our newsletter here.

Media contact

Rebecca Morpeth Spayne,
Editor, Security Portfolio

Tel: +44 (0) 1622 823 922
Email: [email protected]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Christina Alexander Judge - SecurityBuyer

Christina Alexander Announced as Security Buyer Awards Judge

Security Buyer is proud to announce Christina Alexander as the latest addition to the distinguished judging panel for the Security…
Milestone - SecurityBuyer

Milestone Systems updates across XProtect, BriefCam, Arcules

Milestone Systems today announced updates across its complete security technology portfolio with releases for XProtect
Big Interview Abdullah Tanoli

Big Interview – Hero of Leicester Square

Rebecca Spayne of Security Buyer has the privilege of speaking with a real-life hero, Abdullah Tanoli, the hero of Leicester Square..
Altronix - SecurityBuyer

Altronix POE367 Delivers 277VAC Support

Altronix has expanded its power product line with the new POE367 power supply/charger designed specifically for 277VAC input environments.
IFPO x GSA - Security Buyer

New Corporate Members for IFPO

The Global SecurAlliance (GSA)summer meeting on 16 June was held again at the stunning Château de Méry-sur-Oise on the outskirts of Paris.
Product Spotlight - HID

Product Spotlight – HID

Access control is evolving into a smart, responsive platform—integrating embedded apps, IoT, and cybersecurity to deliver…
Genetec

Genetec brings new capabilities to Security Center SaaS

Genetec announced new updates to Security Center SaaS, the company’s enterprise-grade Security-as-a-Service (SaaS) solution..
I-Pro

i-PRO Launches Revamped EMEA Partner Program

i-PRO announced a major expansion of its EMEA Partner Program. The move supports i-PRO’s long-term growth strategy and…
ASIs international

ASIS International Introduces New ANSI-Approved Investigations Standard

ASIS International, a leading authority in security standards, is excited to announce the release of its revised American National Standards.
Gallagher Security and Yusuf Bin Ahmed Kanoo Company Limited sign MOU in Riyadh

Gallagher Security MOU with Yusuf Bin Ahmed Kanoo Company

Gallagher Security is proud to announce the signing of a Memorandum of Understanding (MOU) with Yusuf Bin Ahmed Kanoo Company…
Scroll to Top