Cozy Bear Hackers Target Covid-19 Research Centres in UK, US and Canada

An advisory published by the UK National Cyber Security Centre (NCSC) warns of activity by Russian hacking group APT29 and explicitly calls out efforts to target the US, UK, and Canadian vaccine research, according to CNN.  Cyber actors from the Russian hacking group, which also goes by the name “the Dukes” or “Cozy Bear”, are targeting organisations involved in coronavirus vaccine development, according to the new warning issued today. APT29 uses a variety of tools and techniques, including spear-phishing and custom malware known as “WellMess” and “WellMail”, according to the NCSC, who have also assessed that the hacking group “almost certainly operate[s] as part of Russian Intelligence Services.”