Russian hackers reportedly hit Ukrainian gas firm at heart of Trump impeachment
The attacks had the earmarks of the 2016 hack on the DNC.
Hackers working for the Russian military launched a cyberattack against the Ukrainian gas company at the center of efforts by President Donald Trump to pressure officials in that country to investigate former Vice President Joe Biden and his son, Hunter, The New York Times reported Monday.
The hacking attempts began in November, the newspaper reported, citing security experts, as impeachment talk was gearing up in the US. It wasn't immediately clear whether the hackers found anything, but experts told the newspaper that they may have been after the same kind of information Trump was after as he sought the investigation into the Bidens.
The revelations emerged after Trump was impeached by the US House of Representatives in December for abuse of power and obstruction of Congress related to accusations Trump pressured Ukrainian President Volodymyr Zelensky to launch an investigation into alleged corruption involving Hunter Biden, who sat on the natural gas company's board.
The hackers' tactics are said to bear striking similarities to the hacking of emails from Democratic National Committee during the 2016 presidential campaign, an attack that US intelligence agencies say was conducted by Russia. The Russian government has repeatedly denied hacking the DNC.
In that attack, hackers used "spear phishing," which involves sending bogus emails disguised as legitimate ones to fool recipients into revealing passwords or other sensitive information, or to trick them into downloading malicious software.
As with the DNC attack, hackers from the Russia-linked agency Fancy Bear -- thought to be part of Russia's military intelligence agency, the GRU -- sent phishing emails to Ukrainian oil company Burisma, apparently with hopes of stealing usernames and passwords, The Times reported, crediting Silicon Valley security company Area 1 with discovering the hack.
Hackers managed to fool some Burisma employees into divulging their login credentials that allowed access to one of the company's servers, The Times reported. Hackers directed employees of Burisma subsidies to fake login pages to steal their credentials, Area 1 found.
Area 1 representatives didn't immediately respond to a request for comment.