430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

APT

North Korean hackers allegedly behind cyberattacks on AstraZeneca

The Reuters agency revealed in an exclusive that the COVID vaccine maker AstraZeneca was targeted by alleged North Korea-linked hackers. According to a report published by Reuters, suspected North Korea-linked hackers targeted AstraZeneca, one of the companies that are developing a COVID vaccine. The attack attempts took place in recent weeks, two people with knowledge […]

BlueNoroff lazarus APT

The Reuters agency revealed in an exclusive that the COVID vaccine maker AstraZeneca was targeted by alleged North Korea-linked hackers.

According to a report published by Reuters, suspected North Korea-linked hackers targeted AstraZeneca, one of the companies that are developing a COVID vaccine.

The attack attempts took place in recent weeks, two people with knowledge of the matter told Reuters. The attackers used a well-known tactic, the hackers posed as recruiters on popular social network platforms and instant messaging applications, including LinkedIn and WhatsApp, to approach AstraZeneca employees with fake job offers.

“They then sent documents purporting to be job descriptions that were laced with malicious code designed to gain access to a victim’s computer.” reported Reuters. “The hacking attempts targeted a “broad set of people” including staff working on COVID-19 research, said one of the sources, but are not thought to have been successful.”

Pyongyang has always denied carrying out cyberattacks on healthcare organizations and entities involved in the development of a vaccine.

The attribution to North Korea is based on the analysis of tools and techniques used in the cyber that presents significant overlaps on an ongoing hacking campaign that U.S. officials and cybersecurity researchers.

According to the experts, the same campaign also aimed at defence companies, media organisations, and COVID-related targets, such as vaccine scientists and drugmakers.

A report recently published by the Canadian Centre for Cyber Security, titled “National Cyber Threat Assessment 2020,” warns of risks associated with state-sponsored operations from China, Russia, Iran, and North Korea.

Nation-state actors linked to the above countries pose the greatest strategic threats to Canada and according to the report, they will continue to attempt to steal Canadian intellectual property, especially related to COVID-19.

Threat actors are carrying out cyber espionage campaigns and online influence campaigns.

South Korean lawmakers announced last week that the country’s intelligence agency had foiled cyber attacks.

Reuters added that some of the accounts employed in the attacks on AstraZeneca were registered to Russian email addresses, but one of the sources speculated that it could be a false flag used by the attackers.

At the time of writing, AstraZeneca declined to comment.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, AstraZeneca)

[adrotate banner=”5″]

[adrotate banner=”13″]