COVID-19 vaccine data emerged on Russian-language darkweb forum

Researchers from Cyble, a company specializing in the study of cyberthreats, have found data on the darkweb that is directly related to the vaccine against the coronavirus infection COVID-19.

Experts believe that all of the leaked data was stolen from the European Medicines Agency (EMA). Such incidents once again highlight the interest of cybercriminals in attacks on the pharmaceutical industry and government organizations.

In addition, it can be seen that the attackers are not letting go of the topic of the pandemic. If you remember, in early December, the European Medicines Agency reported a cyberattack on its systems.

Representatives of the agency did not provide details, but experts immediately suspected that it could be a compromise of data on vaccines. This is a logical conclusion considering that the EMA is evaluating and approving vaccines against COVID-19.

“The European Medicines Agency became a victim of a cyberattack, after which it initiated an investigation together with law enforcement agencies. Currently, the EMA is unable to provide details of the cyberattack, as the investigation is still ongoing”,- says an official statement from the EMA.

The goal of the cybercriminal operation is crystal clear as the agency has all the sensitive data on existing COVID-19 vaccines at its disposal. For example, attackers were likely interested in vaccine quality, safety, efficacy, and test results.

According to Cyble’s report, the stolen documents have surfaced on one of the Russian-language dark web forums. A link to confidential data was published by a newly created account, whose activity is limited solely to information leaks.

“As we examined the compromised data, it became clear that attackers were able to get to personal emails, internal pages, reports and confidential information”, — write Cyble researchers.

In addition, the FBI and Interpol have warned of emerging pandemic-related fraud schemes, stating that false drugs and vaccines advertised on fake websites could pose cyber threats and are associated with significant health or even life risks.

The number of website domains containing the word “vaccine” combined with Covid-19 or the coronavirus more than doubled from October to around 2,500 in November, when the first legal vaccines were approaching regulatory approval, according to cybersecurity firm Recorded Future, which tracks down Covid-19 scams on the Internet.