Specialists report that a North Korean government-sponsored hacking group has deployed a malicious campaign against the systems of AstraZeneca, a British pharmaceutical company that has taken important steps in the development of a COVID-19 vaccine.
According to reports, these hackers pretend to be recruiters on platforms like LinkedIn and WhatsApp in order to send fake job offers to the pharmaceutical company’s employed. If employees bit the first hook, hackers sent documents about alleged vacancy descriptions containing hidden malicious code to gain access to the victim’s systems.
This attack was deployed against a significant number of AstraZeneca employees, from operational personnel to the coronavirus vaccine development team. Still, there is no evidence to confirm that the attackers succeeded.
North Korea’s representatives to the United Nations were questioned about the alleged cyberattack, although their comments were reserved. AstraZeneca also decided not to comment on it. This is not the first time the North Korean government is linked to hacking campaigns against private companies and foreign governments.
The informants, who requested to remain anonymous, claim that the techniques used in this attack have also been seen in hacking campaigns deployed against some U.S. local and federal government organizations and focused primarily on defense companies and media organizations.
Cyberattacks on health agencies, vaccine scientists and drug manufacturers have increased considerably since the onset of the pandemic. Security firms in the West say that if this information is compromised, threat actors could extort affected companies, sell it to foreign governments or even the black market, delaying the advance of a vaccine against this fearsome disease.
Finally, Microsoft claims that it has detected at least two North Korean hacking groups deploy campaigns against vaccine developers in several countries, including sending messages with invented job descriptions. The company did not explicitly mention the companies allegedly affected.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.