North Korean hackers attack pharmaceutical companies to create their own vaccine for coronavirus

Recent intelligence reports mention that The Center for Biological Industry Research at Kim-Il-sung University in North Korea is developing its own version of the coronavirus vaccine. Informants say this vaccine is being developed from information stolen from foreign pharmaceutical companies attacked by a group identified as Bureau 325.

“It is difficult to determine exactly what kind of information was compromised, although we can confirm that the North Korean government has stolen confidential information,” the report says. Investigators believe hackers work directly for Kim Yo-jong, Kim Jong-un’s sister.

La imagen tiene un atributo ALT vacío; su nombre de archivo es kimjongun.jpg

Although the informants say that the team of North Korean researchers is unclear on how effective this vaccine will be because of the little work that has been done, Kim Jong-un is already demanding results: “This hacking group got some technical details about the development of the vaccine, however, North Korea does not have the capacity to produce this vaccine,” the experts say.

It is well known that the North Korean government has implemented severe measures to prevent the virus from entering its territory: “The greatest extent was to isolate the entire country and even to place landmines along its border,” previous reports mention. Last December, the North Korean army allegedly executed a man with a firing squad after he broke quarantine restrictions.

These are not the only reports related to pandemic management in North Korea. According to cybersecurity firms, the hacking group known as Hidden Cobra was planning an attack campaign against government organizations in Japan, South Korea and the United States. These reports were confirmed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

“Posing as South Korean reporters, threat actors conducted various interviews with their goals for confidential information,” CISA says. The agency mentions that threat actors invited the targets to a Skype interview on the issue of political issues related to the two Koreas and denuclearization negotiations on the Korean Peninsula.

CISA added that Hidden Cobra sent emails with malicious documents after recipients accepted an interview. When the interview date approached, another email was sent canceling the interview. For more information on vulnerabilities, exploits, malware variants, cybersecurity risks and information security courses, feel free to access the International Cyber Security Institute (IICS) website.