Security News > 2020 > December > Lazarus Group Hits COVID-19 Vaccine-Maker in Espionage Attack
The advanced persistent threat known as Lazarus Group and other sophisticated nation-state actors are actively trying to steal COVID-19 research to speed up their countries' vaccine-development efforts.
That's the finding from Kaspersky researchers, who found that Lazarus Group - widely believed to be linked to North Korea - recently attacked a pharmaceutical company, as well as a government health ministry related to the COVID-19 response.
For the pharma company, Lazarus Group deployed the Bookcode malware in a likely supply-chain attack through a South Korean software company, according to Kaspersky.
"We've previously seen and reported to our Threat Intelligence Report customers that a very similar technique was used when the Lazarus group attacked cryptocurrency businesses with an evolved downloader malware," they said, adding that " debugging messages have the same structure as previous malware used in attacks against cryptocurrency businesses involving the Lazarus group.
"We previously saw Lazarus attack a software company in South Korea with Bookcode malware, possibly targeting the source code or supply chain of that company," according to Kaspersky.
News URL
https://threatpost.com/lazarus-covid-19-vaccine-maker-espionage/162591/
Related news
- How Lazarus Group built a cyber espionage empire (source)
- Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks (source)
- RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset (source)
- Chinese espionage tools deployed in RA World ransomware attack (source)
- Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks (source)