SEOUL—North Korean hackers have targeted at least six pharmaceutical companies in the U.S., the U.K. and South Korea working on Covid-19 treatments, according to people familiar with the matter, as Pyongyang seeks sensitive information it could sell or weaponize.
The firms include previously unreported targets in the U.S.: Johnson & Johnson and Maryland-based Novavax Inc., which are both working on experimental vaccines, the people said. The list also includes three South Korean companies with Covid-19 drugs in earlier clinical trials, Genexine Inc., Shin Poong Pharmaceutical Co. and Celltrion Inc., they added.
North Korea had also tried infiltrating U.K.-based AstraZeneca PLC, whose vaccine co-developed with the University of Oxford, has been shown to be as much as 90% effective and is seeking emergency approval, the people said. On Friday, Reuters reported that suspected North Koreans had tried to break into the systems of AstraZeneca, citing unnamed officials.
It wasn’t known whether the Pyongyang hackers succeeded in swiping useful information. But North Korea has coordinated attacks on the six companies since August, the people said.
The attacks contained digital fingerprints used in other North Korean campaigns against the State Department and South Korea’s unification ministry, such as the use of similar IP addresses, the people said.