The Russia-linked APT29 has targeted pharma research in Western nations in a likely attempt to get ahead on a cure for coronavirus. The group is using exploits for known vulnerabilities to gain initial access to targets. Once a system is compromised, the group then looks to obtain additional authentication credentials to allow further access and spread laterally. The malware, called WellMess and WellMail, is designed to run commands or scripts while communicating with a hardcoded command-and-control (C2) server.
Source: https://threatpost.com/state-sponsored-hackers-steal-covid-19-vaccine-research/157514/

