It is unknown whether the hacking attempt was successful, according to the Reuters news agency, which reported the incident on Friday.
The web domains and servers used by the hacking group were linked to Iran, but it was unclear what the hackers’ motives were, or whether they had any ties to the Iranian government.
Israeli cybersecurity firm ClearSky discovered the attempt, its lead researcher at the Ynet news site said. ClearSky is monitoring Iran’s hacking activity and was one of three cybersecurity researchers who confirmed Gilead’s hacking attempt to Reuters.
The other two researchers were not allowed to speak in public. The report was based on publicly available web archives.
The hacking group, called “Charming Kitten,” usually focuses on hacking journalists and human rights groups, ClearSky told Ynet Ohad Zaidenberg.
For the past month and a half, the group has focused on those responsible for the coronavirus crisis, he said.
“Last week, we discovered that they were working against the infrastructure of the American research institute Gilead, and we determined that they were trying to harm other research organizations that treat coronaviruses, including in Israel Said Zaidenberg.
Zaidenberg said Israel was one of the main targets of the outfit.
“They became very active again last week. In Israel they operate at high intensity, trying to steal [personal] the details and everything that allows them to take control of an email address and use it for all kinds of purposes, “he said.
Recent hacking attempts show that hackers around the world are focusing on gathering information about the virus, said Zaidenberg.
For the Gilead hacking attempt, in one case, the attackers sent a bogus login page by email to a senior Gilead official to try to steal passwords, Reuters reported. The method was used in previous attacks related to “Charming Kitten”.
The Iranian envoy to the United Nations denied any government involvement in the incident.
“The Iranian government is not engaging in cyber warfare,” said Alirez Miryousefi. “The cyber activities in which Iran engages are purely defensive and protect against further attacks on Iranian infrastructure.”
Gilead declined to comment on the issue due to the company’s policies against the cybersecurity talks.
Hackers linked to Iran and other groups have attempted in recent weeks to rape the World Health Organization, Reuters reported. The United States and the United Kingdom said this week that state-sponsored attackers were targeting pharmaceutical and research companies dealing with treatments for coronaviruses, without naming the targets.
Remdesivir, Gilead’s antiviral medication, was approved on May 1 by the United States Food and Drug Administration to treat COVID-19.
The FDA said in a statement that Gilead’s intravenous drug would be specifically indicated for hospital patients with “serious illness”, such as those with respiratory problems requiring supplemental oxygen or ventilators.
The FDA acted after preliminary results from a government-sponsored study showed that the drug shortened the recovery time by 31%, or about four days on average, for COVID-19 hospital patients.
Dr. Anthony Fauci of the National Institutes of Health said the drug would become a new standard of care for critically ill COVID-19 patients. The drug, which blocks an enzyme that the virus uses to copy its genetic material, has not been tested in people with milder disease.
Israel has a strong relationship with California-based Gilead, which puts the country in a good position to supply remdesivir, an official with the Department of Health told The Times of Israel on Monday.
Israeli hospitals are currently part of two trials for remdesivir, one led by the company and the other by the World Health Organization.