State-sponsored campaigns to hack COVID-19 vaccine makers might be more commonplace than previously thought. According to ZDNet, Microsoft has detected hacks from three “nation-state actors” targeting seven pharmaceutical firms and researchers, including the US as well as Canada, France, India and South Korea. The software giant didn’t name the targets, but said the “majority” are involved in coronavirus vaccine development and research.
The campaigns reportedly come from Russia’s APT28, better known as Fancy Bear or Strontium, as well as North Korea’s Lazarus Group (aka Zinc) and a new Cerium outfit. Fancy Bear used brute force and “password spray” attempts to steal sign-in credentials, while Lazarus and Cerium have leaned on spear phishing efforts to impersonate recruiters and the World Health Organization.