Security News > 2020 > December > North Korean state hackers breach COVID-19 research entities
North Korean nation-state hackers tracked as the Lazarus Group have recently compromised organizations involved in COVID-19 research and vaccine development.
After slithering into their network, the North Korean state hackers deployed Bookcode and wAgent malware with backdoor capabilities.
In the attack that took place on October 27, the wAgent malware had "The same infection scheme as the malware that the Lazarus group used previously in attacks on cryptocurrency businesses."
Even though in the past the hackers deployed this malware in a supply chain attack and via spearphishing, in this case, the attack vector was not discovered.
Vaccine research organizations from Canada, UK, and the US have been the target of several attacks coordinated by the Russian state-sponsored APT29 hacking group throughout the year.
News URL
Related news
- North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware (source)
- Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms (source)
- Dell investigates data breach claims after hacker leaks employee info (source)
- North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks (source)
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- North Korean hackers pave the way for Play ransomware (source)
- Schneider Electric confirms dev platform breach after hacker steals data (source)
- Nokia investigates breach after hacker claims to steal source code (source)
- North Korean hackers employ new tactics to compromise crypto-related businesses (source)