In the past few months, a series of cyber attacks by hackers supported by the governments of Russia and North Korea have targeted pharmacists and researchers working on the development of treatments and vaccines for covid-19. The complaint was made by Microsoft, in a statement released on Friday (13).
“We think these attacks are unscrupulous and should be condemned by the whole of civilized society,” said Tom Burt, corporate vice president for Customer Security and Trust at Microsoft. According to the executive, most of the detected attacks were unsuccessful, but the company did not reveal how many were successful or how serious the breaches were.
The targets were companies from Canada, the United States, South Korea, India and France, most of which made vaccines to fight the new coronavirus. Among the companies, whose names have not been revealed, are some with immunizers in advanced clinical trials.
According to the Redmond giant, three groups involved in the attacks were identified. One of them is Fancy Bear, related to the Russian government and already mentioned in other similar invasion attempts. The other two are Lazarus and Cerium, which are linked to North Korea.
Techniques used in attacks
To try to steal the login credentials of professionals linked to the attacked companies, Russian hackers undertook millions of quick attempts to access researchers’ accounts, according to Microsoft.
North Korean hackers used the technique of spear phishing, which consists of sending fake emails to corporations, with the aim of stealing information or installing malware on victims’ devices. One group pretended to be a job recruiter, while the other pretended to be a representative of the World Health Organization (WHO).
According to the owner of Windows, all the attacked companies were notified and, in those where cybercriminals were successful, assistance was provided.