Pharmaceutical companies researching treatments and vaccines for COVID-19 are being actively targeted by prominent nation state-backed hackers from Russia and North Korea, according to IT Pro. Groups including Strontium, Zinc and Cerium are launching “unconscionable” cyber-attacks against companies running trials for COVID-19 vaccines, one clinical research organisation and a company that’s developed a virus test – targeting a total of seven companies involved in researching vaccines and treatments. Strontium, allegedly linked with the Russian state, is using password spray and brute force attacks to steal login credentials, hoping to break into user accounts using millions of quickfire attempts. Zinc, meanwhile, uses spear-phishing lures for credential theft, posing as recruiters to send fabricated job descriptions to potential candidates. Cerium also engages in spear-phishing email lures themed around coronavirus, masquerading as World Health Organisation (WHO) representatives. Both are allegedly tied with North Korea.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
