LONDON/WASHINGTON (Reuters) - Hackers linked to Iran have targeted staff at U.S. drugmaker Gilead Sciences Inc in recent weeks, according to publicly-available web archives reviewed by Reuters and three cybersecurity researchers, as the company races to deploy a treatment for the COVID-19 virus.
FILE PHOTO: Gilead Sciences Inc pharmaceutical company is seen after they announced a Phase 3 Trial of the investigational antiviral drug Remdesivir in patients with severe coronavirus disease (COVID-19), during the outbreak of the coronavirus disease (COVID-19), in Oceanside, California, U.S., April 29, 2020. REUTERS/Mike Blake
In one case, a fake email login page designed to steal passwords was sent in April to a top Gilead executive involved in legal and corporate affairs, according to an archived version on a website used to scan for malicious web addresses. Reuters was not able to determine whether the attack was successful.
Ohad Zaidenberg, lead intelligence researcher at Israeli cybersecurity firm ClearSky, who closely tracks Iranian hacking activity and has investigated the attacks, said the attempt was part of an effort by an Iranian group to compromise email accounts of staff at the company using messages that impersonated journalists.
Two other cybersecurity researchers, who were not authorized to speak publicly about their analysis, confirmed that the web domains and hosting servers used in the hacking attempts were linked to Iran.
Iran’s mission to the United Nations denied any involvement in the attacks. “The Iranian government does not engage in cyber warfare,” said spokesman Alireza Miryousefi. “Cyber activities Iran engages in are purely defensive and to protect against further attacks on Iranian infrastructure.”
A spokesman for Gilead declined to comment, citing a company policy not to discuss cybersecurity matters. Reuters could not determine if any of the attemp ..
Support the originator by clicking the read the rest link below.
