Exclusive: Alleged North Korean hackers target COVID vaccine maker AstraZeneca – sources

LONDON (Reuters) – Suspected North Korean hackers have tried to break into AstraZeneca’s British pharmaceutical system in recent weeks, two people familiar with the case told Reuters as the company competed to install a COVID-19 virus vaccine.

The hackers applied as recruiters on LinkedIn and WhatsApp to search for AstraZeneca employees with fake job offers, sources said. Documents were then sent, which were allegedly job descriptions and provided with malicious codes aimed at accessing the victim’s computer.

According to one source, the hacking attempts targeted a “broad group of people,” including COVID-19 research staff, but said they were unsuccessful.

The UN mission in Geneva, North Korea, did not respond to a comment. Pyongyang had previously denied carrying out cyber attacks. It has no direct contact with foreign media.

AstraZeneca, one of the top three COVID-19 vaccine developers, declined to comment.

Anonymous sources discussing non-public information said the tools and techniques used in the attacks show they were part of an ongoing hacking campaign attributed to North Korea by U.S. officials and cyber security researchers.

The campaign had previously focused on defense companies and media organizations, but three people investigating the attacks said it had targeted COVID-related targets in recent weeks.

Cyber-attacks against health authorities, vaccine scientists, and pharmaceutical manufacturers increased during the COVID-19 epidemic, while state-sponsored and criminal hacker groups are confused with obtaining the latest research and information about the epidemic.

Western officials say the stolen information could be sold for profit, used to extort victims, or be a valuable strategic asset to foreign governments as they fight to curb the disease that kills 1.4 million people worldwide.

Microsoft said this month that two North Korean hacker groups were targeting vaccine developers in several countries, including “fabricated job descriptions”. Microsoft did not name any of the named organizations.

South Korean lawmakers said Friday that the country’s intelligence agency thwarted these attempts.

Reuters previously reported that hackers in Iran, China and Russia had tried to break into leading pharmaceutical companies and even the World Health Organization. Tehran, Beijing and Moscow all denied the allegations.

Some of the accounts used in the attacks on AstraZeneca were registered to Russian email addresses, one source said, as a possible attempt to mislead investigators.

North Korea is accused by U.S. prosecutors of the boldest and most harmful cyber attacks in the world, including hacking and leaking Sony Pictures emails in 2014, stealing $ 81 million in 2016 from the Central Bank of Bangladesh and releasing Wannacry ransomware. virus in 2017.

Pyongyang described the allegations as part of his attempts to blur the image of Washington.

Further account of Stephanie Ulmer-Nebehay in GENEVA; Edited by Philippa Fletcher