Security News > 2020 > December > North Korean state hackers breach COVID-19 research entities
North Korean nation-state hackers tracked as the Lazarus Group have recently compromised organizations involved in COVID-19 research and vaccine development.
After slithering into their network, the North Korean state hackers deployed Bookcode and wAgent malware with backdoor capabilities.
In the attack that took place on October 27, the wAgent malware had "The same infection scheme as the malware that the Lazarus group used previously in attacks on cryptocurrency businesses."
Even though in the past the hackers deployed this malware in a supply chain attack and via spearphishing, in this case, the attack vector was not discovered.
Vaccine research organizations from Canada, UK, and the US have been the target of several attacks coordinated by the Russian state-sponsored APT29 hacking group throughout the year.
News URL
Related news
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)
- North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Radiant links $50 million crypto heist to North Korean hackers (source)
- North Korean hackers stole $1.3 billion worth of crypto this year (source)
- North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin (source)
- FBI links North Korean hackers to $308 million crypto heist (source)
- North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign (source)
- White House links ninth telecom breach to Chinese hackers (source)
- Hackers steal ZAGG customers' credit cards in third-party breach (source)