The Chinese research laboratory at the centre of a conspiracy theory about the origin of the new coronavirus has been targeted by hackers, according to security watchers. The Wuhan Institute of Virology was among targets including the World Health Organisation whose employees’ email addresses and login credentials were leaked and circulated online on Tuesday, the SITE Intelligence Group, which monitors right-wing extremism, said in a report. The information was shared on Telegram channels, Twitter accounts and message board threads, especially those used by far-right extremists. Screen captures of attempts to log in to email accounts using the leaked information were also posted on discussion sites. The Wuhan institute, which is affiliated with the Chinese Academy of Sciences, runs the country’s only level-four biosafety laboratory – the highest level that carries out research on the most dangerous pathogens. It is located in the central Chinese city where coronavirus cases were first reported late last year and has been the subject of persistent speculation that the new virus strain was accidentally leaked from the lab, which the institute has denied. The WHO on Thursday confirmed that some 450 active WHO email addresses and passwords were leaked, but said they did not put the global health body’s systems at risk because the data was not recent. However, the WHO said the cyberattack had an impact on an older extranet system that was used by current and retired staff as well as partners, and noted an increase in such attacks. “The number of cyberattacks is now more than five times the number directed at the organisation in the same period last year,” the WHO said. Victims of the email credentials leak also included the Bill and Melinda Gates Foundation, US Centres for Disease Control and Prevention, World Bank and the National Institutes of Health, the SITE report said. It was not clear who carried out the cyberattacks, but SITE suggested they were aimed at harassing the staff at the organisations and retrieving sensitive Covid-19 information, as they had all been part of conspiracy theories around the pandemic. “The only thing that matters to [the far-right community] is that the data is available to use towards their own purposes – in this case being the spread of conspiracy theories about the ‘lab-made’ origins of the coronavirus, among other ideas,” said Rita Katz, executive director of SITE. Separately, hackers backed by Hanoi attempted to hack the email accounts of Wuhan government staff as well as China’s Ministry of Emergency Management, US cybersecurity firm FireEye said on Wednesday. Tensions have been rising between Beijing and Hanoi over the South China Sea. Vietnam’s foreign ministry on Thursday called the FireEye report “baseless”. The latest reports of cyberattacks came after a Beijing-based security firm earlier this month said Chinese agencies and diplomatic missions had been targeted by hackers through their virtual private network servers in a coordinated campaign. Asked about the Vietnam-linked attacks on Friday, foreign ministry spokesman Geng Shuang would not confirm if they had taken place, nor did he mention the Wuhan institute. But he said: “Cyberattacks against institutions fighting the coronavirus pandemic should be condemned around the world.” Meanwhile, the US Federal Bureau of Investigation last week also said it had seen evidence of foreign state-sponsored hackers targeting US Covid-19 research institutions, likely for their work on potential treatments or vaccines, but the FBI did not name any countries or identify the targeted organisations.
