Security News > 2020 > December > North Korean state hackers breach COVID-19 research entities
North Korean nation-state hackers tracked as the Lazarus Group have recently compromised organizations involved in COVID-19 research and vaccine development.
After slithering into their network, the North Korean state hackers deployed Bookcode and wAgent malware with backdoor capabilities.
In the attack that took place on October 27, the wAgent malware had "The same infection scheme as the malware that the Lazarus group used previously in attacks on cryptocurrency businesses."
Even though in the past the hackers deployed this malware in a supply chain attack and via spearphishing, in this case, the attack vector was not discovered.
Vaccine research organizations from Canada, UK, and the US have been the target of several attacks coordinated by the Russian state-sponsored APT29 hacking group throughout the year.
News URL
Related news
- Hackers exploit Ray framework flaw to breach servers, hijack resources (source)
- Finland confirms APT31 hackers behind 2021 parliament breach (source)
- U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers (source)
- Hacker claims Giant Tiger data breach, leaks 2.8M records online (source)
- Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage (source)
- ArcaneDoor hackers exploit Cisco zero-days to breach govt networks (source)
- NSA warns of North Korean hackers exploiting weak DMARC email policies (source)
- North Korean Hackers Deploy New Golang Malware 'Durian' Against Crypto Firms (source)
- Helsinki suffers data breach after hackers exploit unpatched flaw (source)
- North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign (source)