The same hackers who accessed the computer systems of the Democratic National Committee (DNC) last year also targeted the campaign of Emmanuel Macron, one of two remaining candidates in the current French presidential election, according to security firm Trend Micro.
The group, known in the security community as Fancy Bear or Pawn Storm, among other code names, set up a URL that masqueraded as a Microsoft OneDrive account in order to capture information from the Macron campaign, Trend Micro said in a report published on Tuesday.
The OneDrive phishing attempt, which started last month, used the URL "onedrive-en-marche.fr" to attempt to spoof users, although it's unclear whether or not it allowed the hackers to successfully breach the campaign's computers. The phishing attempt appears similar to the methods that hackers used last year to gain access to the DNC's computer systems.
"There are several things which suggest that the group behind the Macron hacking was also responsible for the DNC breach, for example," Rik Ferguson, vice president of Trend Micro's security research program, told the Washington Post. "We found similarities in the IP addresses and malware used in the attacks."
Related
- Don't Fall for This Sophisticated Gmail Phishing ScamDon't Fall for This Sophisticated Gmail Phishing Scam
Trend Micro said Pawn Storm frequently targets victims like political parties and candidates that are at odds with Russian geopolitical interests. Crowdstrike, another security firm that investigated the DNC hack, suggested last summer that the group, which it refers to as Fancy Bear, is aligned with GRU, Russia's military intelligence service.
Many of the group's phishing campaigns resemble the login screens of major email services with remarkable accuracy, according to Trend Micro's report. In addition to phishing, the group also relies on DNS attacks to gain access to victims' computers.
The group's most recent target, according to Trend Micro, is the Konrad Adenauer Foundation, a German political think tank, which was hit with a phishing campaign on March 5.
A breach discovered over the weekend may have exposed the messages and content in a small number of HipChat rooms, the company said.
Each investigation focuses on a different aspect of Russia's influence campaign.
The tech companies teamed with major news organizations on a series of verification tools.
Moz Pro keyword searches and SEO campaigns can help you win Featured Snippets, the key to Google rankings on desktop, mobile, and voice-activated Google Assistant searches on Google Home.
Relax Russia-Linked Hackers Target French Election stories
A breach discovered over the weekend may have exposed the messages and content in a small number of HipChat rooms, the company said.
A lawsuit filed yesterday in the Southern District of New York claims that the Windows version of Confide doesn't offer screenshot protection.
By using non-Latin Unicode characters, it's theoretically possible to register a domain name for a phishing website that looks nearly identical to the one it's trying to spoof.
Secure communication should really be at the top of mind for any entrepreneur. And the best line of defense probably isn't what you think.
Google settles antimonopoly lawsuit in Russia, pays $7.85 million in fines, and promises not to restrict rival search engines on Android.
37 restaurants confirmed as having malware installed on point of sale equipment and card details stolen between December and March.
The Switch is selling well, now Nintendo wants to ensure the games do too by thwarting piracy before it happens.
Operational since 2012, the botnet was the brainchild of one of the world's most notorious cyber criminals, who was arrested in Spain last week.
A series of computer viruses targeting companies and organizations closely resembles the Vault 7 hacking tools that WikiLeaks disclosed.
Shadow Brokers tried unsuccessfully to ransom its trove of surveillance tools, so it released them for free.
It was meant to be joke malware, but the author managed to infect himself, and the game is impossibly hard.
The company is investigating a report that data for payment cards used at Gamestop.com has shown up for sale online.
Tax-themed spam emails increased 6,000 percent from December 2016 to February 2017. Here are some common scams to look out for.
Pornhub on Thursday officially switched to HTTPS, so visitors can now access the site over an encrypted channel. YouPorn will also soon be making the switch.
Congress just moved to let ISPs sell your personal data. Here's how to protect yourself.
Is public Wi-Fi safe? Hell, no. But there are steps you can take.
The question is, do you keep the Calvin Dash button out to impress guests, or in your underwear drawer where it'll be most useful?
Google said it's improving the methods it uses to evaluate sites, and is rolling out algorithmic updates to 'surface more authoritative content' and demote fake news.
Apple hopes both store redesigns and creative workshops will reel you in.
Rocket Racoon, Chun Li, Hulk and more collide in the upcoming beat ‘em up.
At Tribeca, artists are using VR to bring you closer to nature.
A breach discovered over the weekend may have exposed the messages and content in a small number of HipChat rooms, the company said.
Don't underestimated the cumulative power of small, steady changes in your daily routines.
Your own personal cinema experience. Popcorn optional.
Snapdragon 835 phones released by the end of the year may have radically better rural coverage on T-Mobile going forward, especially in the western US.
A product designer took a Juicero apart and found a complex juicer with expensive custom-made components.