Lazarus Group Hits COVID-19 Vaccine-Maker in Espionage Attack

2020-12-23 19:02

The advanced persistent threat known as Lazarus Group and other sophisticated nation-state actors are actively trying to steal COVID-19 research to speed up their countries' vaccine-development efforts.

That's the finding from Kaspersky researchers, who found that Lazarus Group - widely believed to be linked to North Korea - recently attacked a pharmaceutical company, as well as a government health ministry related to the COVID-19 response.

For the pharma company, Lazarus Group deployed the Bookcode malware in a likely supply-chain attack through a South Korean software company, according to Kaspersky.

"We've previously seen and reported to our Threat Intelligence Report customers that a very similar technique was used when the Lazarus group attacked cryptocurrency businesses with an evolved downloader malware," they said, adding that " debugging messages have the same structure as previous malware used in attacks against cryptocurrency businesses involving the Lazarus group.

"We previously saw Lazarus attack a software company in South Korea with Bookcode malware, possibly targeting the source code or supply chain of that company," according to Kaspersky.

News URL

https://threatpost.com/lazarus-covid-19-vaccine-maker-espionage/162591/

#attack #covid19 #espionage #lazarusgroup