Russian state hackers are targeting Biden and Trump campaigns, MSFT warns

by
Dan Goodin
from Ars Technica - All content on (#580N7)
putin-800x494.jpg

Enlarge / Vladimir Putin. (credit: Kremlin.ru)

Fancy Bear-the Russian state hacking group that brought you the smash-and-leak attacks on the Democratic National Committee and World Anti-Doping Agency, the NotPetya worm that inflicted billions of dollars of damage worldwide, and the VPN Filter compromise of 500,000 routers-is targeting organizations involved in elections taking place in the US and UK, Microsoft has warned.

Over a two-week period last month, the group attempted attacks on more than 6,900 accounts belonging to 28 organizations, Microsoft said. Between September 2019 and last June, Fancy Bear targeted tens of thousands of accounts belonging to employees of more than 200 organizations. The hackers use two techniques-one known as "brute forcing" and the other called "password spraying"-in an attempt to obtain targets' Office365 login credentials. So far, none of the attacks has succeeded.

Security researchers from a host of companies widely agree that Fancy Bear works on behalf of the GRU, Russia's military intelligence agency. The GRU has been tied to more than a decade of advanced hacking campaigns, including several that have inflicted serious damage to national security. Industry members use an assortment of colorful names to refer to the group. Besides Fancy Bear, there's also Pawn Storm, Sofacy, Sednit, and Tsar Team. Microsoft's name for the outfit is Strontium.

Read 10 remaining paragraphs | Comments

index?i=ukTJc4eibvM:4Hg-1Lc7m9Y:V_sGLiPB index?i=ukTJc4eibvM:4Hg-1Lc7m9Y:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments