Russian hackers have reportedly turned their attention to the Ukrainian oil company at the center of the Trump impeachment probe.
Hackers working for the Russian military launched a cyberattack against the Ukrainian gas company at the center of efforts by President Donald Trump to pressure officials in that country to investigate former Vice President Joe Biden and his son, Hunter, The New York Times reported Monday.
The hacking attempts began in November, the newspaper reported, citing security experts, as impeachment talk was gearing up in the US. It wasn’t immediately clear whether the hackers found anything, but experts told the newspaper that they may have been after the same kind of information Trump was after he sought the investigation into the Bidens.
The revelations emerge after Trump was impeached by the US House of Representatives in December for abuse of power and obstruction of Congress related to accusations Trump pressured Ukrainian President Volodymyr Zelensky to launch an investigation into alleged corruption involving Hunter Biden, who sat on the natural gas company’s board.
The hackers’ tactics bear striking similarities to the hacking of emails from Democratic National Committee during the 2016 presidential campaign, an attack that US intelligence agencies say was conducted by Russia. The Russian government has repeatedly denied hacking the DNC.
In that attack, hackers used spear fishing, which involves sending bogus emails disguised as legitimate ones to fool recipients into revealing passwords or other sensitive information, or to trick them into downloading malicious software.
As with the DNC attack, hackers from the Russia-linked agency Fancy Bear — thought to be part of Russia’s military intel agency, GRU — sent phishing emails to Ukrainian oil company Burisma, apparently with hopes of stealing usernames and passwords, The Times reported, crediting Silicon Valley security company Area 1 with discovering the hack.
Hackers managed to fool some Burisma employees into divulging their login credentials that allowed access to one of the company’s servers, The Times reported. Hackers directed employees of Burisma subsidies to fake login pages to steal their credentials, Area 1 found.
Area 1 representatives didn’t immediately respond to a request for comment.
All copyrights for this article are reserved to CNET