Hackers are reportedly posing as recruiters on LinkedIn and WhatsApp to trap key individuals into downloading malware-embedded e-documents, in a bid to breach AstraZeneca computers. The efforts are said to have been thwarted so far.
Sanjhi Soch Beauro –In continued cyber attacks on key pharmaceutical organisations researching on Covid-19 vaccines, a fresh wave of attacks by North Korean hackers have been spotted to be squarely targeting British pharma major, AstraZeneca. In the new attack tactic, hackers are said to be posing as recruiters on LinkedIn and WhatsApp, among the most popular communication platforms in the world. Using these, the hackers are seemingly targeting key individuals linked with astra zeneca and attempting to convince them into download e-documents that have embedded macros containing malware. While the exact make and nature of the malware used in the attack is not clear, the nature of hacking attemt suggests the use of regular remote access trojan (RAT) – which allows attackers to infiltrate systems from a distance, lie undetected for long spans of time, and relay key data from a company’s internal servers to the hacker’s remotely controlled server.
While this is certainly not the first time that attackers are attempting to use Covid-19 as the main pivot to increase their hacking attempts, things have steadily gotten more sensitive. Major Covid vaccine research organisations have been facing significant cyber attacks, suspected to be state-backed threat actors looking to steal key data from the Covid vaccine trials and other crucial information. While the earlier crop of attackers were traced to be from China and Russia, the recent spur of activity is seemingly coming from north koria . In an earlier report we highlighted how the North Korean hacker collective, Lazarus, has been increasingly targeting Covid vaccine efforts around the world.