Surgeon warns of possible APT on COVID scientists

Atul Gawande, surgeon, writer and researcher, has warned on Twitter that someone is posing as him. The imposter is asking scientists for an interview and uses the signature ‘Atul Gawande, Staff Writer, The New Yorker’. He goes on to explain the cyberattack on his Twitter account.

Tweet containing the warning of a possible APT

In his tweets, he explains which email address he uses for work, and he adds that one of the scientists actually did respond to the imposter's emails.

APT Response

The victim responded to the email from the imposter. Multiple emails were sent back and forth. The imposter also held a phone call with the victim and eventually sent a (phishing) link, which resulted in theft and in access to the victim's computer, phone, Apple ID, and business and home Gmail accounts.

The cybercriminals went on to access the victim's Twitter account, and they used the different social media accounts to which they had obtained access.

The story continues

APT ‘China Virus Lab’ Threat actors

Atul Gawande explains on his Twitter account that the threat actor might be “China virus lab theory” conspiracists targeting scientists who’ve done work with Chinese labs.

How to stay extra vigilant

Time needed: 4 minutes.

In this short guide, I will provide you with some steps which can help to improve your (cyber) security layers.

  1. Emails

    If you get an email, and you are in the scientific field, then please verify the email address and the sender via a different method. Ask a colleague who might know that person. If you know that person, give them a call using the contact details you already have. Do not use any information that you see in the email.

  2. Do not send information

    If someone is asking for information, then verify the identity of that person before you send any information. Follow the security policy on how to send information. Ask the security officer or the chief information security officer in your company for this policy.

  3. Suspicious mails

    If you are getting suspicious mails, then the chance is high that the person next to you is getting similar mails. Inform them, and stay vigilant together.

  4. Scanning files

    If you really have to open a file from a suspicious mail, then make sure that you scan that file with your local anti-virus solution. If you are in the scientific research field, then I advise you not to scan your files on VirusTotal. Always use a local anti-virus solution which is up to date.
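The sender check from step 1 can be partly automated at the mailbox. The following is an added example, not part of the original article: it flags messages whose display name or signature claims a known contact while the sending or reply address is not one confirmed out of band. The `VERIFIED` directory, the `check_message` function and all addresses are constructed placeholders.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: contacts whose addresses were confirmed out of band (phone call,
# colleague). The address below is a constructed placeholder, not a real one.
VERIFIED = {"atul gawande": {"verified-contact@known.example"}}

def check_message(raw, verified=VERIFIED):
    """Return findings for one raw message that claims a known identity."""
    msg = message_from_string(raw)
    display, from_addr = parseaddr(msg.get("From", ""))
    reply_addr = parseaddr(msg.get("Reply-To", ""))[1].lower()
    from_addr = from_addr.lower()
    body = msg.get_payload() if not msg.is_multipart() else ""
    findings = []
    for name, addrs in verified.items():
        in_header = name in display.lower()
        in_body = name in body.lower()
        if not (in_header or in_body):
            continue
        if from_addr not in addrs:
            where = "display name" if in_header else "signature"
            findings.append(f"{where} claims {name!r}, sender {from_addr} is unverified")
        elif reply_addr and reply_addr not in addrs:
            # A forged From header with replies redirected elsewhere.
            findings.append(f"replies for {name!r} go to unverified {reply_addr}")
    return findings

# Constructed sample messages (all addresses are placeholders).
IMPOSTER = """From: Atul Gawande <interviews@lookalike.example>
To: scientist@lab.example
Subject: Interview request

I would like to interview you about your research.

Atul Gawande, Staff Writer, The New Yorker
"""
SIGNATURE_ONLY = IMPOSTER.replace("From: Atul Gawande", "From: Press Desk")
REDIRECTED = IMPOSTER.replace(
    "<interviews@lookalike.example>",
    "<verified-contact@known.example>\nReply-To: interviews@lookalike.example")
GENUINE = IMPOSTER.replace("interviews@lookalike.example", "verified-contact@known.example")

if __name__ == "__main__":
    for label, raw in [("imposter", IMPOSTER), ("signature only", SIGNATURE_ONLY),
                       ("redirected", REDIRECTED), ("genuine", GENUINE)]:
        print(label, "->", check_message(raw) or "no findings (still verify out of band)")
```

An empty result does not authenticate the sender, because the From header can be forged; the call to a number you already have remains the deciding check.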

Indicators

[email protected]
