North Korean cybercriminals send fake job offers to employees of AstraZeneca, manufacturer of the COVID-19 vaccine, to hack them

Specialists report that a North Korean government-sponsored hacking group has deployed a malicious campaign against the systems of AstraZeneca, a British pharmaceutical company that has taken important steps in the development of a COVID-19 vaccine.

According to reports, these hackers pretend to be recruiters on platforms like LinkedIn and WhatsApp in order to send fake job offers to the pharmaceutical company’s employed. If employees bit the first hook, hackers sent documents about alleged vacancy descriptions containing hidden malicious code to gain access to the victim’s systems.

This attack was deployed against a significant number of AstraZeneca employees, from operational personnel to the coronavirus vaccine development team. Still, there is no evidence to confirm that the attackers succeeded.  

La imagen tiene un atributo ALT vacío; su nombre de archivo es coronavaccine.jpg

North Korea’s representatives to the United Nations were questioned about the alleged cyberattack, although their comments were reserved. AstraZeneca also decided not to comment on it. This is not the first time the North Korean government is linked to hacking campaigns against private companies and foreign governments.

The informants, who requested to remain anonymous, claim that the techniques used in this attack have also been seen in hacking campaigns deployed against some U.S. local and federal government organizations and focused primarily on defense companies and media organizations.

Cyberattacks on health agencies, vaccine scientists and drug manufacturers have increased considerably since the onset of the pandemic. Security firms in the West say that if this information is compromised, threat actors could extort affected companies, sell it to foreign governments or even the black market, delaying the advance of a vaccine against this fearsome disease. 

Finally, Microsoft claims that it has detected at least two North Korean hacking groups deploy campaigns against vaccine developers in several countries, including sending messages with invented job descriptions. The company did not explicitly mention the companies allegedly affected.