Russian attacks on COVID-19 vaccine development exposed

This week, the NCSC exposed an ongoing campaign of malicious activity targeting coronavirus vaccine research and development globally.

The UK, supported by the US and Canada, revealed that the threat group, APT29, has exploited organisations involved in the response to the pandemic. The NCSC assesses that APT29, also named “the Dukes” or “Cozy Bear” almost certainly operate as part of Russian intelligence services.

The group uses a variety of tools and techniques to target organisations to steal valuable information using custom malware known as ‘WellMess’ and ‘WellMail’.

WellMess and WellMail have not previously been publicly associated to APT29.

The full advisory is available to download from the NCSC website.

Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: