The North Korean hackers approached AstraZeneca employees with fake job openings, sources reported to Reuters. They posed as recruiters on LinkedIn and WhatsApp. They then sent job description documents that were full of malicious code. With this they tried to gain access to the computers of the victims.
The hacking attempts were, among other things, aimed at employees who were working on corona vaccines. The hacking attempts have not yet been successful, according to Reuters sources.
Some of the hackers’ accounts were registered on Russian email addresses. In doing so, they tried to mislead researchers. The North Korean UN mission has not responded to the investigation. AstraZeneca declined comment. The Netherlands also has an option for more than 11 million doses of the vaccine from AstraZeneca.
Defense companies also targeted
The software and techniques used were the same as those used in an ongoing hacking campaign that North Korea is behind, according to the American authorities. Previously, defense companies and media were also targeted by the same group of hackers. But in recent weeks, the hackers have increasingly targeted organizations that have something to do with the corona virus, the security experts say.
The number of cyber attacks on healthcare institutions, scientific institutes and pharmaceuticals increased enormously during the corona pandemic. Hackers prey on gathering important information about the virus. Stolen data could be sold, used to extort people, or give governments a strategic advantage.
Microsoft said this month that two North Korean hacking groups targeted vaccine developers in multiple countries, but the company did not name the organizations.
South Korean authorities said on Friday that the country’s intelligence agency had thwarted several such hacking attempts.
Iran, China and Russia
Earlier this year, hackers from Iran, China and Russia also allegedly tried to break into leading drug manufacturers and the World Health Organization (WHO). The governments in Tehran, Beijing and Moscow denied the charges at the time.
North Korean hackers were also previously behind the Wannacry ransomware, the Central Bank of Bangladesh hack and the Sony Pictures hack, according to US prosecutors.