Malicious Activity Targeting COVID-19 Research, Vaccine Development

["US-CERT" <US-CERT () ncas us-cert gov>]

Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:



Malicious Activity Targeting COVID-19 Research, Vaccine Development [ 
https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/malicious-activity-targeting-covid-19-research-vaccine-development
 ] 07/16/2020 07:16 AM EDT 
Original release date: July 16, 2020

In response to malicious activity targeting COVID-19 research and vaccine development in the United States, United 
Kingdom (UK), and Canada, the Cybersecurity and Infrastructure Security Agency (CISA), UKs National Cyber Security 
Centre (NCSC), Canadas Communications Security Establishment (CSE), and the National Security Agency (NSA) released a 
Joint Cybersecurity Advisory [ https://www.ncsc.gov.uk/news/advisory-apt29-targets-covid-19-vaccine-development ] to 
expose the threat. A malicious cyber actor is using a variety of tools and techniques to target organizations involved 
in COVID-19 research and vaccine development. Tools include SOREFANG [ 
https://us-cert.cisa.gov/ncas/analysis-reports/ar20-198a ], WELLMESS [ 
https://us-cert.cisa.gov/ncas/analysis-reports/ar20-198b ], and WELLMAIL [ 
https://us-cert.cisa.gov/ncas/analysis-reports/ar20-198c ] malware.

CISA encourages users and administrators to review the Joint Cybersecurity Advisory [ 
https://www.ncsc.gov.uk/news/advisory-apt29-targets-covid-19-vaccine-development ] and the following Malware Analysis 
Reports for more information and to apply the mitigations provided.


  * SOREFANG [ https://us-cert.cisa.gov/ncas/analysis-reports/ar20-198a ] 
  * WELLMESS [ https://us-cert.cisa.gov/ncas/analysis-reports/ar20-198b ] 
  * WELLMAIL [ https://us-cert.cisa.gov/ncas/analysis-reports/ar20-198c ] 

This product is provided subject to this Notification [ https://us-cert.cisa.gov/privacy/notification ] and this 
Privacy & Use [ https://www.dhs.gov/privacy-policy ] policy.

body { font-size: 1em; font-family: Arial, Verdana, sans-serif; font-weight: normal; font-style: normal; color: 
#333333; } ________________________________________________________________________

A copy of this publication is available at www.us-cert.gov [ https://www.us-cert.gov ]. If you need help or have 
questions, please send an email to info () us-cert gov. Do not reply to this message since this email was sent from a 
notification-only address that is not monitored. To ensure you receive future US-CERT products, please add US-CERT () 
ncas us-cert gov to your address book. 

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ 
http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ 
http://www.us-cert.gov/related-resources ]  

STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]