---
title: "Cyber Security News Update, Week 12 of 2020 | DuoCircle"
description: "By now you should know that coronavirus is being used to phish victims. And now apparently, it’s also being used to launch ransomware…on smartphones."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-12-of-2020/"
---

Quick Answer

Week 12 of 2020 covered: a malicious Android app posing as a coronavirus tracker that locks the device and demands a $100 Bitcoin ransom within 48 hours, threatening to wipe contacts, photos, videos, and social media accounts; Russian-language cybercrime forums selling a weaponized COVID-19 map that delivers AZORult information-stealing malware via a Java-based deployment kit; a McDonald's Germany ordering vulnerability that two researchers used to obtain unlimited free food, reported responsibly; trojanized hacking tools backdooring the machines of attackers who downloaded free pen-test software; ransomware shutting down the Illinois Public Health Department's website serving 210,000 people for up to two weeks (350+ ransomware incidents at state and municipal agencies since 2013); and a phishing-driven Carnival Corp breach affecting Princess and Holland America passengers and exposing names, addresses, SSNs, and government travel numbers.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-12-of-2020%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cyber%20Security%20News%20Update%2C%20Week%2012%20of%202020&url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-12-of-2020%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-12-of-2020%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-12-of-2020%2F&title=Cyber%20Security%20News%20Update%2C%20Week%2012%20of%202020 "Share on Reddit") [ ](mailto:?subject=Cyber%20Security%20News%20Update%2C%20Week%2012%20of%202020&body=Check out this article: undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-12-of-2020%2F "Share via Email") 

![Cyber Security](https://media.mailhop.org/duocircle/images/2020/03/spf-validator-8971.jpg) 

_By now you should know that coronavirus is being used to phish victims_. And now apparently, it’s also being used to launch **ransomware**…on smartphones. From [SC Magazine](https://www.scmagazine.com/home/security-news/news-archive/coronavirus/coronavirus-tracking-app-locks-up-android-phones-for-ransom/), “_A malicious Android app that supposedly helps track cases of the coronavirus actually locks users’ phones and demands a ransom in order to restore access_.”

The article further explains that “_Victims are given a 48-hour deadline to pay a $100 ransom in bitcoin._ To ratchet up the stakes, the ransomware program also **threatens to erase** one’s contacts, photos, videos and memory, as well as leak the victim’s social media accounts.” It seems that coronavirus can get you a lot of different ways.

## Malware by Russian Hackers

In keeping with a theme, _Russian hackers are selling a malware-sabotaged COVID-19 map_. From [SC Magazine](https://www.scmagazine.com/home/security-news/news-archive/coronavirus/russian-cybercrime-forums-seen-selling-malware-sabotaged-covid-19-map/), “The recently discovered weaponized coronavirus map found to infect victims with a variant of the information-stealing **AZORult malware** has been sold online by Russian language cybercrime forums. \[The\] interactive map dashboard was part of an infection kit designed for a Java-based malware deployment operation.”

“_Cyberattackers continue to seize on the dire need for information surrounding the novel coronavirus_.” Yes sir.

[![Malware](https://media.mailhop.org/duocircle/images/2020/03/spf-validator-8972.jpg)](https://media.mailhop.org/duocircle/images/2020/03/spf-validator-8972.jpg)

## Phishing Phrontier

_Hackers usually hack for money. Sometimes they hack for data_. Now we have a story about hackers who hacked for…Big Macs. You heard that right. According to an article on [Vice](https://www.vice.com/en%5Fau/article/4agvdw/mcdonalds-hack-free-food), “software developers Lenny Bakkalian and David Albert **discovered two loopholes** in the German McDonald’s system which allowed them to order an endless supply of free food.” _Gives a whole new meaning to the word Hamburglar_.

Fortunately for McDonald’s, the two hackers didn’t take advantage of the flaw in the company’s app. _They did however confirm that they received some kind of reward from McDonald’s for finding the flaw_. Probably doesn’t taste as good though.

## Trojanized Hacking Tools

Well it’s about time someone turned the table on hackers. From [Help Net Security](https://www.helpnetsecurity.com/2020/03/10/trojanized-hacking-tools/), “_Hackers are getting hacked via trojanized hacking tools_. Someone has been trojanizing a wide variety of hacking tools to compromise the machines of hackers who want to use the **tools for free**. The researchers’ investigation revealed that this campaign appears to have been going on for several years.”

Who is behind this? Who cares?

## Body Count

_Anything that impacts public safety today is going to be a big deal, especially ransomware_. Such is the situation with the Illinois Public Health Agency. According to [Mother Jones](https://www.motherjones.com/politics/2020/03/illinois-ransomware-coronavirus/), “The website for a public health department **serving about 210,000 people** in central Illinois, including students at the state’s flagship public university, _has been hit with ransomware that could leave it shuttered for up to two weeks_.”

_It’s not clear who the perpetrators are or if the agency paid the ransom_. And they’re certainly not the first public agency to be hit. “Since 2013 there have been at least **350 instances of ransomware** targeting state or municipal political entities who were without [email security service](/). Illinois has seen 14 incidents in that time, according to the data.”

[![phishing attack](https://media.mailhop.org/duocircle/images/2020/03/spf-validator-8973.jpg)](https://media.mailhop.org/duocircle/images/2020/03/spf-validator-8973.jpg)

## Carnival Corp Data Breach

_Cruise lately? If you have, you may have had your personal data compromised_. According to the [Identity Theft Resource Center](https://www.idtheftcenter.org/phishing-attack-leads-to-carnival-cruise-line-data-breach/), “Carnival Corp. announced that two of its cruise lines were impacted by a Carnival cruise line data breach. Unknown numbers of employees and customers of Princess line and Holland America line may have had their complete identities compromised, including names, addresses, Social Security numbers, government-issued travel numbers and more.” Ouch.

How did this happen? The same way they all happen. “The Carnival cruise line data breach appears to have occurred as a result of a **targeted email attack** that included deceptive communications, which are most likely part of a **phishing attack**.”

And that’s the week that was.

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  News 3m  Alert: Fix SPF & DKIM Settings For Your Email Forwarding Set Up Through Microsoft o365 SMTP Server Or Your Emails May End Up In Spam  Jul 20, 2021 ](/blog/announcements/alert-fix-spf-dkim-settings-for-your-email-forwarding-set-up-through-microsoft-o365-smtp-server-or-your-emails-may-end-up-in-spam/)[  News 1m  April Spam Filtering Uptime Report  May 4, 2016 ](/blog/announcements/april-spam-filtering-uptime-report/)[  News 2m  Changes to Spam Filtering Technology  Feb 8, 2023 ](/blog/announcements/changes-to-spam-filtering-technology/)[  News 4m  Cyber Security News Update, Week 1 of 2020  Jan 3, 2020 ](/blog/announcements/cyber-security-news-update-week-1-of-2020/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 12 of 2020","description":"By now you should know that coronavirus is being used to phish victims. And now apparently, it’s also being used to launch ransomware…on smartphones.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-12-of-2020/","datePublished":"2020-03-25T15:50:39.000Z","dateModified":"2025-05-22T12:20:24.000Z","dateCreated":"2020-03-25T15:50:39.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-12-of-2020/"},"articleSection":"announcements","keywords":"","wordCount":616,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2020/03/spf-validator-8971.jpg","caption":"Cyber Security","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"News"},{"@type":"ListItem","position":3,"name":"Cyber Security News Update, Week 12 of 2020","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-12-of-2020/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"News","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Cyber Security News Update, Week 12 of 2020","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-12-of-2020/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 12 of 2020","description":"By now you should know that coronavirus is being used to phish victims. And now apparently, it’s also being used to launch ransomware…on smartphones.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-12-of-2020/","datePublished":"2020-03-25T15:50:39.000Z","dateModified":"2025-05-22T12:20:24.000Z","dateCreated":"2020-03-25T15:50:39.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-12-of-2020/"},"articleSection":"announcements","keywords":"","wordCount":616,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2020/03/spf-validator-8971.jpg","caption":"Cyber Security","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```
