15:06 GMT15 January 2021
Listen Live
    Get short URL

    Stories of North Korea-affiliated hacker groups attacking firms and laboratories involved in the development of COVID-19 vaccines and treatments for the disease have been circulating for months. Pyongyang always dismisses the allegations, claiming that no evidence of malign cyber activity has been produced.

    A hacker group named "Kimsuky" by the US government and commonly associated with North Korea reportedly coordinated international cyber attacks targeting at least six pharmaceutical companies working on treatments and vaccines against the COVID-19 coronavirus, the Wall Street Journal reported Wednesday.

    According to the newspaper, hackers aimed at drug companies in the US, the UK and South Korea to steal information that would help North Korea, which was projected by some to be used as a weapon or sell to another pharmacy company.

    The group of hackers have reportedly attacked Johnson & Johnson and Novavax, US companies developing their own coronavirus vaccines since August, along with three South Korean entities working on a treatment for the coronavirus.

    Media reports claimed that, last week, hackers tried to breach AstraZeneca networks, a UK pharmaceutical company claiming a 90% effective rate for their vaccine against the COVID-19. 'Kimsuky' targeted a "broad set of people", creating email accounts to pose as their colleagues or friends and sending messages with deleterious attachments or links that could let hackers into the computer of the victim.

    The report does not provide the information on whether the hackers were granted access to the information from any of the companies' systems.

    Two of three South Korean companies, Shin Poong Pharmaceutical and Celltrion, reportedly confirmed the hacker attacks, but did not find damage to their systems. A third, Genexine, stated it had not found any evidence of an attack attempt. The US coronavirus vaccines makers also didn't suffer any damage upon this alleged attacks.

    US tech giant, Microsoft, in a statement last month said that it detected cyber attacks against at least seven companies researching a COVID-19 vaccine and drugs for the disease. Microsoft linked those attacks to the hacking groups allegedly tied with North Korea and Russia.

    "Kimsuky", also known in cybersecurity community as Velvet Chollima, Black Banshee or Thallium, is a group of hackers with  fairly wide interests ranging from banks, Western governments and intelligence systems and information on issues salient to the Korean Peninsula.

    The North Korean government has repeatedly denied accusations of carrying out hacker attacks on other countries and entities. The country also claimed that it had not had a single coronavirus case on its territory, although authorities ordered border security tightened due to the pandemic.


    US Intelligence Alleges Iranian Hackers Behind Intimidation Emails Accessed Voter Data
    S Korea Arrests 8 Suspected Internet Scammers With Links to N Korean Hacker, Reports Say
    Top-Profile Hacker Tapped to Head Twitter's Security
    'Expert' Claims Hackers Behind Cyber Attack on Manchester United FC Were Backed by Russia or China
    AstraZeneca, Johnson&Johnson, hacker attack, cyberattack, cyberspace, cyber, vaccines, coronavirus, COVID-19, hackers, North Korea
    Community standardsDiscussion