Documents Relating to Covid-19 Vaccine of European Medicines Agency Allegedly Leaked in Darkweb

Advancement of technology has enabled scientists around the world to analyze the strain(s) of SARS Covid 19. Multiple medical organizations have been successful in developing vaccines to tackle SARS Covid 19 and are sharing this gift with the world through legal channels. However, there is an already illegal market being run to sell Covid-19 vaccines on the Darkweb market.

Couple of weeks back, European Medicines Agency(EMA) revealed that they were a victim of a cyberattack in which the documents related to Covid-19 vaccine were accessed. Cyble had been scanning the darkweb since the newsbreak. A detailed report on how hackers targeted the Covid-19 Supply Chain and selling the vaccine over the darkweb can be found here.

Recently, Cyble was successful in tracking the documents being shared on one of the Russian-speaking forums where the post along with the download link was shared. The profile from which the data was posted is newly created and it is suspected that it was only created for the alleged data leak.

During the assessment of data, our researchers noticed that multiple confidential files, including MoMs, assessment reports, confidential emails, login portal links and images of its internal pages were accessed and leaked.  

Internal email where the portal link was shared –

The portal to access the reports –

Screenshot shared in pdf file of internal pages –

Assessment report of Vaccine –

Summary report of drug release and stability –

To counter the impact of cyberattacks targeted towards the COVID-19 vaccine supply chain, here are a few security measures that organizations can adopt.  

  • Validating third-parties and ensuring that they have the necessary level of cyber defences 
  • Never clicking on unverified/unidentified links 
  • Refraining from opening email attachments before validating their authenticity 
  • Using security software and keeping it updated 
  • Training employees on cybersecurity through cyber literacy programs 
  • Periodically conducting third-party/suppliers risk assessment 

About Cyble

Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the darkweb. Cyble’s prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Startups To Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. To learn more about Cyble, visit www.cyble.io. 

Recent Blogs

Cyble-Blogs-MOVEit-Transfer

Cyble analyzes MOVEit Transfer vulnerability and observes active exploitation in the Cyble Global Intelligence Sensors (CGSI).

Read More »
NoEscape RaaS

CRIL analyzes the newly advertised ‘NoEscape’ Ransomware-as-a-Service (RaaS) program that claims to facilitate sophisticated extortion operations using an advanced, indigenously developed ransomware strain.

Read More »
SharpPanda APT G20 Blog

Cyble analyzes SharpPanda, a highly sophisticated APT group utilizing spear-phishing tactics to launch cyberattacks on G20 Nation officials.

Read More »
Scroll to Top