Security News > 2020 > July > Hackers Look to Steal COVID-19 Vaccine Research

Hackers Look to Steal COVID-19 Vaccine Research
2020-07-16 18:05

The advanced threat actor known as APT29 has been hard at work attempting to pilfer COVID-19 vaccine research from academic and pharmaceutical research institutions in various countries around the world, including the U.S. That's according to a joint alert from the U.S. Department of Homeland Security, the U.K.'s National Cyber Security Centre and Canada's Communications Security Establishment, issued Thursday.

The 14-page advisory details the recent activity of Russia-linked APT29, including the use of custom malware called "WellMess" and "WellMail" for data exfiltration.

"Throughout 2020, APT29 has targeted various organizations involved in COVID-19 vaccine development in Canada, the United States and the United Kingdom, highly likely with the intention of stealing information and intellectual property relating to the development and testing of COVID-19 vaccines," the report noted.

Once established in a network, APT29 is employing homegrown malware that the NCSC is calling WellMess and WellMail, to conduct further operations on the victim's system and exfiltrate data.

This latest case is no exception to that M.O., according to the advisory: "APT29 is likely to continue to target organizations involved in COVID-19 vaccine research and development, as they seek to answer additional intelligence questions relating to the pandemic," the agencies concluded.


News URL

https://threatpost.com/state-sponsored-hackers-steal-covid-19-vaccine-research/157514/