Cybercriminals threaten to hack EU hospitals in latest COVID-19 vaccine scamOctober 7, 2021
Cybersecurity experts have uncovered a new COVID-19 vaccination scam involving hackers tricking victims into providing their personal information under the assumption that cybercriminals can hack into European Union hospitals and falsify vaccination records.
DarkOwl, the cybersecurity firm that uncovered the scam, notes that the EU Digital COVID Certificate program and most EU hospitals have stringent cybersecurity measures in place to protect user data.
But hackers that are allegedly part of a gang called Xgroup are offering to add non-vaccinated people to the national COVID-19 vaccine registers that feed into the EU database, asking victims for a trove of personal data under the guise of theoretically adding it to the EU Digital COVID Certificate program. DarkOwl’s lead analysts said they believe the culprits behind the scam are based in the US.
“This is very likely a scheme to steal people’s information and money. Scammers are always willing to prey on the vaccination-hesitant and those who desire a record of vaccination without actually getting the vaccine,” DarkOwl CEO Mark Turnage told ZDNet.
“The offer has been circulated across multiple darknet forums and discussion groups. The cyber criminals also host a dedicated hidden service promoting their services. This very well could be a scam and they do not have the skills or access to actually hack any EU hospitals’ vaccination databases. Nevertheless, the idea is novel and it not out of the realm of possibility that hospitals are vulnerable to such record alterations.”
Turnage said Xgroup is a relatively new brand without any known direct attributions to cyberattacks. The group does market itself as being able to “ruin someone’s life” through hacking social media accounts and financial accounts.
Researchers with DarkOwl said the group has also posted “recruitment” advertisements across malware and “hacking” forums for personnel with penetration testing and criminal hacking experience.
While the scam is focused mostly on pilfering information from vaccine-hesitant victims, Turnage noted that ransomware as a service gangs have demonstrated they can easily exploit hospital information systems for their extortion agendas. Significant parts of the healthcare system in Ireland were brought down by a ransomware group this summer.
“Therefore, we must consider the remote possibility that this is a legitimate offer on the darknet. Hospitals in the EU should be aware of this possibility and mitigate with increased security and auditing of logs accordingly,” Turnage said, adding some advice to those considering turning to the darknet for fake COVID-19 vaccination verifications.
“Don’t be foolish enough to pay anyone money for fake vaccination records (digital, paper certificate, or otherwise).”
In their report on the scam, DarkOwl researchers said Xgroup is offering to hack into…