• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

The U.S. House banned WhatsApp on government devices due to security concerns

 | 

Russia-linked APT28 use Signal chats to target Ukraine official with malware

 | 

China-linked APT Salt Typhoon targets Canadian Telecom companies

 | 

U.S. warns of incoming cyber threats following Iran airstrikes

 | 

McLaren Health Care data breach impacted over 743,000 people

 | 

American steel giant Nucor confirms data breach in May attack

 | 

The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

 | 

Iran-Linked Threat Actors Cyber Fattah Leak Visitors and Athletes' Data from Saudi Games

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 50

 | 

Security Affairs newsletter Round 529 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Iran confirmed it shut down internet to protect the country against cyberattacks

 | 

Godfather Android trojan uses virtualization to hijack banking and crypto apps

 | 

Cloudflare blocked record-breaking 7.3 Tbps DDoS attack against a hosting provider

 | 

Linux flaws chain allows Root access across major distributions

 | 

A ransomware attack pushed the German napkin firm Fasana into insolvency

 | 

Researchers discovered the largest data breach ever, exposing 16 billion login credentials

 | 

China-linked group Salt Typhoon breached satellite firm Viasat

 | 

Iran experienced a near-total national internet blackout

 | 

Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers

 | 

Healthcare services company Episource data breach impacts 5.4 Million people

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Cyber Crime
  • Data Breach
  • Hacking
  • COVID-19 – Neo-Nazis spread a list of credentials for Gates Foundation, NIH, and WHO employees

COVID-19 – Neo-Nazis spread a list of credentials for Gates Foundation, NIH, and WHO employees

Pierluigi Paganini April 22, 2020

Nearly 25,000 email credentials allegedly from NIH, WHO, Gates Foundation and other organizations involved in the containment of COVID-19 pandemic are dumped online

While the principal organizations engaged in the fight against COVID-19 are the targets of conspiracy theories, a data dump containing email credentials from the Gates Foundation, World Health Organization (WHO), Center for Disease Control and Prevention (CDC), and a virology center based in Wuhan, appeared online.

The dump was discovered by the private terrorism watchdog SITE Intelligence, it first appeared on the popular message board 4chan then it was shared through a Telegram channel with over 5,000 followers. The Telegram channel is followed by Neo-Nazis and used to share content linked to neo-Nazi terrorist organizations Atomwaffen Division and The Base.

The dump has the following unique entries:

  • @NIH 9,938;
  • @WHO 2,732;
  • @CDCgov 6,857;
  • World Bank 5,120;
  • @GatesFoundation 269;
  • Wuhan Institute of Virology: 21

Below the Tweets shared by Rita Kats, director of SITE Intelligence Group:

2)Alleged email/pw lists, which far-right attempting to use toward harassment campaign, span following orgs & respective unique entries:@NIH: 9,938@WHO: 2,732 (also contains non-WHO domains)@CDCgov: 6,857
World Bank: 5,120@GatesFoundation: 269
Wuhan Institute of Virology: 21

— Rita Katz (@Rita_Katz) April 21, 2020

“Far-right extremists’ distribution of allegedly hacked data by organizations like WHO and the Gates Foundation is fitting to how they’ve targeted medical organizations and personnel amid the pandemic,” said executive director Rita Katz. “Whether out of accelerationist or conspiratorial-minded motivations, white supremacists and Neo-Nazis have called to vandalize hospitals, intentionally infect medical workers, and beyond.”

Initially media outlets reported that the organizations impacted by the data leak have been hacked, but there is no proof of the attack.

The analysis of the credentials leaked online confirmed that the were all included in past data breaches.

“Judging specifically from a list of the data obtained by Motherboard, it appears like this may be an aggregation of previously-hacked usernames and passwords that was compiled from previous data breaches of various companies, though Motherboard cannot say for sure at the moment where the list comes from and how it was compiled.” reads the post published by Motherboard. “Motherboard ran a series of the email addresses through the website haveibeenpwned.com, which compiles data breaches, and found that each of the addresses we tested have previously been part of known data breaches.”

The experts of the Under the Breach group also believe that the data were ammassed from past data breaches.

https://twitter.com/underthebreach/status/1252668683090038789

At the time it is not clear who has collected these credentials, it seems that someone is attempting to intimidate several leading government and non-governmental groups currently involved in the fight against the COVID-19 pandemic.

According to some screenshots published on 4chan some of the leaked credentials are still working and could be abused by attackers.

COVID 19 dump

The news is disconcerting for many reasons, primarily because organizations engaged in the containment of the COVID-19 pandemic are once again under attack19.

The leaked dump poses a severe risk to the representatives of the impacted organizations, they could be targeted by further attacks in the next weeks. Nation-state actors could use them to launch cyber espionage campaigns aimed at gathering information on the response to the COVID-19 and on the progress in testing drugs and vaccines.

One of the biggest risks is the manipulation of information to orchestrate disinformation campaigns aimed at discrediting governments and organizations that are working to contain the pandemic.

Italian readers could reads by interview on the topic here:

https://www.rainews.it/dl/rainews/articoli/coronavirus-attacco-hacker-violati-dati-oms-fondazione-gates-laboratorio-ricerca-wuhan-5e60a0f9-bbbc-47aa-9ff8-7b62db2f2a83.html

Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS
https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – data leak, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]


facebook linkedin twitter

coronavirus COVID-19 data leak Hacking it security it security news Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini June 24, 2025
The U.S. House banned WhatsApp on government devices due to security concerns
Read more
Pierluigi Paganini June 24, 2025
Russia-linked APT28 use Signal chats to target Ukraine official with malware
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    The U.S. House banned WhatsApp on government devices due to security concerns

    Mobile / June 24, 2025

    Russia-linked APT28 use Signal chats to target Ukraine official with malware

    APT / June 24, 2025

    China-linked APT Salt Typhoon targets Canadian Telecom companies

    APT / June 24, 2025

    U.S. warns of incoming cyber threats following Iran airstrikes

    Cyber warfare / June 24, 2025

    McLaren Health Care data breach impacted over 743,000 people

    Data Breach / June 23, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT