Last Updated on May 26, 2020

It’s time to publish the second timeline of April, covering the main cyber attacks occurred between April 16 and April 30 (including three events occurred in the first half of the same month. Due to the COVID-19 crisis, the level of activity continues to be quite high. In this timeline I have collected 92 events, less than the 104 events collected in the first timeline of April, but equally an important number.

So the pandemic continues to characterize the threat landscape, nearly one quarter of the events is somehow related to COVID-19: we have seen opportunistic phishing campaigns exploiting the fear, but also targeted cyber espionage operations against institutions involved in the fight against the virus.

Other interesting events include two mega breaches against an Android app store, and an online children game, a partially failed attack against two cryptocurrency exchanges (the attackers were probably unmasked and returned part of the stolen funds, and the discovery of Florentine Banker, a cybercriminal group able to steal $1.3 million dollars in a sophisticated Business Email Compromise operation.

The list of cyber espionage is equally quite rich, and includes operations from well-known actors such as Winnti (AKA APT41) and Ocean Lotus (AKA APT32), long lasting campaigns like PerSwaysion, targeting high-ranking executives at more than 150 companies since 2019, and a couple of campaigns exploiting iOS vulnerabilities.

But now it’s tim to browse the timeline, and read the details of each event. Of course you can share the timeline to support my work and spread the risk awareness across the community. And don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.