18.11.2020 | Russia and North Korea sponsored Hackers are targeting COVID-19 researchers
Microsoft has announced on last week that Sponsored Hackers of the Russia and North Korea governments are targeting companies directly involved in researching vaccines and treatments for COVID-19, and in some cases, the attacks have succeeded.
Microsoft Corporate Vice President for Customer Security & Trust – Tom Burt has said, there are seven companies which have been targeted including vaccine makers with COVID-19 vaccines in various clinical trial stages, a clinical research organization involved in trials and a developer of a COVID-19 test and they also targeted organizations which have contracts with or investments from government agencies from around the world involved in COVID-19 related works. The targets were reportedly from US, Canada, France, India and South Korea.
Microsoft announced that one of the attack groups involved in this case is Strontium, hackers sponsored by the Russian government. They are using password spraying and brute force login attacks that bombard servers with large numbers of credentials in the hopes of guessing correct ones. Two other accomplices were called Zinc and Cerium who works on behalf of North Korea’s government. Both are using spear phishing emails, the people from Zinc fabricating as job recruiters and those from Cerium are masquerading as representatives from World Health Organization.
“The majority of these attacks were blocked by security protections built into our products,” Burt said of activities from all three groups. “We’ve notified all organizations targeted, and where attacks have been successful, we’ve offered help.”