back to article Crooks posing as COVID-19 'cold chain' company phished EU for vaccine intel, says IBM

An unidentified group of malicious sorts impersonated a so-called "cold chain" company involved in COVID-19 vaccine distribution networks then targeted an EU governmental agency, according to IBM. Infosec researchers from Big Blue's X-Force threat intelligence unit "uncovered targets across multiple industries, governments and …

  1. IceC0ld

    Crooks phishing for COVID vaccine intel

    the depths to which humankind will sink to, in the chase to 'earn' a few $$$ more

    will NEVER cease to disgust me :o(

    1. Tom Paine

      Re: Crooks phishing for COVID vaccine intel

      Depending who's doing it, they may be motivated by patriotism, or by fear of the state (China in particular likes acquiring cheap cyber talent by nicking crooks and offering them the choice of a labour camp or Unit 17xyz.)

    2. Anonymous Coward
      Anonymous Coward

      Re: Crooks phishing for COVID vaccine intel

      Please, tell us what you think about Amazon, Apple, Google, Facebook & all. I'm sure you find them decent, loving, caring companies with nothing but the good of humankind as their goal.

  2. cornetman Silver badge

    I must admit that I am puzzled as to what the aims of these "bad actors" might be as it is not elaborated on.

    If they are wishing to disrupt our ability to distribute and manufacture vaccines, then that is obviously a bad thing, but I don't see any specific suggestion that that might be their aim.

    1. Tom Paine

      Off the top of my head:

      - nicking email or other docs that can be selectively leaked to give the impression the vaccine's unsafe, or was stolen from Russia, or contains Bill Gates' famous microchips or whatever.

      - straightforward industrial espionage

      - blackmail attacks

      - to compromise part of the pharmaceutical industry via the supply chain for the same motives as anyone else attacks pharma targets (fraud, theft, blackmail etc); nothing to do with SARS-Cov-2 per se, it just happens to be what's going on RN so that's the angle they're using

      - straightforward financial fraud or theft ("Hi this is China FreezerCo Inc, pls remit payment for latest deliveries in bitcoin to: ... ")

      No doubt experts can suggest several others

  3. Tom Paine
    Black Helicopters

    "Unusual"

    ...it would be unusual for an attack impersonating a Chinese company to originate in the West.

    If you were planning a false flag op, wouldn't you twamt to pick an org least likely to be suspected to be a front? Nothing particularly secure about Chinese commercial IT ops, in terms of security. You'd need to know the language and some of the culture, of course...

    *strokes chin, steeples fingers, reaches for the metaphorical bong

  4. Boris the Cockroach Silver badge

    Hi there

    we've encyrpted your entire virus supply chain.

    Pay us 25 million dollars in bitcoin to get your supply chain unscrambled, remember every hour you delay puts the price up 1 million dollars and another 100 people die from the virus.

    Yours ransomware scum.

    Although if a group tried something like that , I'm pretty sure that they'd get a visit from some non state actors before being found face down in some quick lime with large steel weights on their backs...

    1. Version 1.0 Silver badge
      Unhappy

      Re: Hi there

      How long has this been going on? And how many gangs have been stopped?

      It's been going on for years and maybe two or three people have been arrested ... virtually none of the money has been recovered. Tech companies and governments are doing very little to prevent this, mostly they just blame the lusers for opening emails ... "But sir, I was sent a new invoice as a picture so I had to open the New_Invoice8365485.img email."

  5. Anonymous Coward
    Anonymous Coward

    RUSSIANS!!!! CHINESE!!!

    Israel? Or perhaps the... NO! That would be unheard of!!!! :D

  6. A random security guy Bronze badge

    This is just one of the attacks on Pharma

    There is a huge number of extremely targeted attacks going on against Pharma, NIH, academic institutes, etc. These are almost all state actors with immense resources and their interests can be extremely long term. For example, understanding how distribution of vaccines takes place can help them understand how to attack the supply chain in the event of war. Disrupting vaccine supplies right now can extend the turmoil in a country, sink its economy even more, and give the "patriot's country an edge in a geo-political sense. It can also help in positioning and pricing your own vaccines.

    This is cold-hard-ruthless-Stalinistic politics.

    1. Anonymous Coward
      Anonymous Coward

      Re: This is just one of the attacks on Pharma

      ... or maybe someone wants vaccine knowledge shared for the good of humankind?

  7. NonSSL-Login

    Shake the tree and see what falls out

    Not every fishing trips starts with an exact end goal in mind.

    Sometimes the data and results you see along the way dictates the path you take and gives you further direction.

    Not every fishing trip has to end with a success but you hope to learn something along the way which will be useful on the next trip.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021