Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation Vaccine Development

The APT29 threat group, also known as Cozy Bear, targeted a range of sectors across Canada, Great Britain, and the United States. The campaign focused on entities involved in COVID-19 vaccine development including the government, diplomacy, think-tank, healthcare, and energy domains. The cyber espionage group used malware labeled WellMess, WellMail, and SoreFang to steal sensitive data, install malicious software, execute shell commands, and run scripts. APT29 used spear-phishing emails and exploited public facing servers to carry out the initial infection vector.
Name Modified Date Sources
Operation Vaccine Development 2020-07-17