A malicious website was designed to trick a staffer into handing over a password.
Hackers with suspected ties to a Russian intelligence group tried to access the email of a staff member of Missouri Sen. Claire McCaskill, a trail of evidence first unearthed by the Daily Beast indicates.
The attempt follows the same playbook Russians followed in the alleged hacking operation in the 2016 election -- get the target to hand over his email password.
Reporters found a screenshot of a phishing website tailor-made for Kyle Simpson, a former staffer in McCaskill's office. McCaskill is a Democrat who is up for reelection this fall. The page mimics a page administered by Microsoft that lets hill staffers and lawmakers log in to email and other online services. What's more, the page appears to be run by a group affiliated with the GRU, the Russian intelligence agency accused of hacking the head of Hillary Clinton's presidential campaign in 2016 as part of a larger conspiracy to influence the election.
The revelation comes amid growing concern over cybersecurity in the midterm elections later this year. Last week, Director of National Intelligence Dan Coats said Russia is continuing its misinformation efforts, and is "one click of the keyboard away" from attacking election infrastructure like voter registration databases.
Simpson, the former Senate staffer, didn't immediately reply to a request for comment. In a statement Thursday, Sen. McCaskill appeared to confirm the hacking attempt took place.
"Russia continues to engage in cyber warfare against our democracy. I will continue to speak out and press to hold them accountable," McCaskill said in an emailed statement. "While this attack was not successful, it is outrageous that they think they can get away with this. I will not be intimidated. I've said it before and I will say it again, Putin is a thug and a bully."
The phishing page matches a hacking attempt described last week by a Microsoft executive at the Aspen Security Forum. Microsoft's vice president for customer security and trust, Tom Burt, said the company had identified three candidates for Senate targeted by hacking attempts, though he wouldn't name them.
"We did discover that a fake Microsoft page had been established as the landing page for phishing attacks," Burt told the crowd at the annual event, "and we saw metadata that suggested those phishing attacks were being directed at three candidates who are all standing for election in the midterm elections."
Microsoft declined to comment for this story.
CNET Magazine: Check out a sample of the stories in CNET's newsstand edition.
Tech Enabled: CNET chronicles tech's role in providing new kinds of accessibility.