Report: Hackers target organizations included in popular coronavirus conspiracy theories

Hackers leaked thousands of email addresses and passwords from organizations supposedly involved in coronavirus coverups

Data on screen, viewed by shadowy hacker

According to the Search for International Terrorist Entities (SITE) Intelligence Group, hackers are responsible for leaking thousands of email addresses and passwords from the National Institutes of Health (NIH), the Centers for Disease Control and Prevention (CDC), the Bill and Melinda Gates Foundation, the World Health Organization (WHO), the World Bank and the Wuhan Institute of Virology. All told, the leak included nearly 25,000 employees' email addresses and login credentials and targeted organizations at the center of many coronavirus conspiracy theories.

While Pastebin initially listed the user credentials, the same materials were later shared to 4chan and Twitter. The leaked information was also posted to far-right extremist channels on Telegram. 

Advertisement - Article continues below

Of the leak’s targets, it appears that the NIH took the brunt of it with upward nearly 10,000 accounts leaked. Others weren’t far behind, though, as the CDC had 6,857 accounts leaked, World Bank had 5,120 accounts leaked, and the WHO had 2,732 accounts leaked. 

Although SITE has yet to verify origins of the leak, The Washington Post reports Australian cybersecurity expert Robert Potter was able to verify the leaked WHO email addresses and passwords. In fact, Potter was even able to use the leaked email addresses and passwords to gain access to WHO’s computer systems.

Advertisement
Advertisement - Article continues below

Rita Katz, SITE’s executive director, shared with the Washington Post, “Neo-Nazis and white supremacists capitalized on the lists and published them aggressively across their venues. Using the data, far-right extremists were calling for a harassment campaign while sharing conspiracy theories about the coronavirus pandemic. The distribution of these alleged email credentials were just another part of a months-long initiative across the far right to weaponize the COVID-19 pandemic.”

Advertisement - Article continues below

The WHO has seen the number of cyberattacks against it increase since the onset of the coronavirus. Seeing as the targets of this hack are in some ways included in coronavirus conspiracy theories, SITE suggestings this leak was intended to harass staff members and retrieve sensitive information related to the coronavirus pandemic.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/security/phishing/355810/zloader-malware-returns-as-a-coronavirus-phishing-scam
phishing

ZLoader malware returns as a coronavirus phishing scam

27 May 2020
Visit/security/hacking/355806/anarchygrabber-hack-steals-discord-tokens-ids-and-passwords
hacking

AnarchyGrabber hack steals Discord tokens, IDs and passwords

27 May 2020
Visit/security/hacking/355801/scammers-using-coronavirus-contact-tracing-in-hacking-attempt
hacking

Scammers leverage contact-tracing in hacking attempt

27 May 2020
Visit/security/phishing/355793/gitlab-phishes-its-remote-employees-and-1-in-5-fell-for-it
phishing

GitLab phished its employees and 20% handed over credentials

26 May 2020

Most Popular

Visit/operating-systems/microsoft-windows/355812/microsoft-warns-against-installing-windows-10-may-2020
Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
Visit/security/cyber-security/355797/microsoft-bans-trend-micros-rootkit-buster-from-windows-10
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020
Visit/security/ransomware/355811/how-can-organisations-protect-themselves-from-nas-ransomware-attacks
ransomware

How can organisations protect themselves from NAS ransomware attacks?

28 May 2020