The hackers posed as recruiters on networking site LinkedIn and WhatsApp to approach AstraZeneca staff with fake job offers.
They then sent documents purporting to be job descriptions that were laced with malicious code designed to gain access to a victim’s computer.
The hacking attempts targeted a “broad set of people” including staff working on COVID-19 research, said one of the sources but are not thought to have been successful.
Pyongyang has steadfastly rejected previous allegations of trying steal information from pharmaceutical companies undertaking vaccine research.
The sources said the tools and techniques used in the attacks showed they were part of an ongoing hacking campaign that US officials and cybersecurity researchers are convinced originates in North Korea.
The cyber campaign has previously focused on defence companies and media organisations but pivoted to COVID-related targets in recent weeks, according to three people who have investigated the attacks.
Cyberattacks against health bodies, vaccine scientists and drugmakers have soared during the COVID-19 pandemic as state-backed and criminal hacking groups scramble to obtain the latest research and information about the outbreak.
Western officials warned solen information could be sold for profit, used to extort the victims, or give foreign governments a valuable strategic advantage as they fight to contain a disease that has killed 1.4 million people worldwide.
Earlier this month Microsoft warned two North Korean hacking groups target vaccine developers in multiple countries, including by “sending messages with fabricated job descriptions.”
Microsoft did not name any of the targeted organisations.
AstraZeneca, which has emerged as one of the top three COVID-19 vaccine developers, has not commented on the latest allegations.
BREAKING NEWS. MORE FOLLOWS…