X

Russian hackers reportedly hit Ukrainian gas firm at heart of Trump impeachment

The attacks had the earmarks of the 2016 hack on the DNC.

Steven Musil Night Editor / News
Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.
Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.
See full bio
Steven Musil
2 min read
gettyimages-1140203067

Russian hackers have reportedly turned their attention to the Ukrainian oil company at the center of the Trump impeachment probe.

 Westend61/Getty Images

Hackers working for the Russian military launched a cyberattack against the Ukrainian gas company at the center of efforts by President Donald Trump to pressure officials in that country to investigate former Vice President Joe Biden and his son, Hunter, The New York Times reported Monday.

The hacking attempts began in November, the newspaper reported, citing security experts, as impeachment talk was gearing up in the US. It wasn't immediately clear whether the hackers found anything, but experts told the newspaper that they may have been after the same kind of information Trump was after as he sought the investigation into the Bidens.

The revelations emerged after Trump was impeached by the US House of Representatives in December for abuse of power and obstruction of Congress related to accusations Trump pressured Ukrainian President Volodymyr Zelensky to launch an investigation into alleged corruption involving Hunter Biden, who sat on the natural gas company's board.

The hackers' tactics are said to bear striking similarities to the hacking of emails from Democratic National Committee during the 2016 presidential campaign, an attack that US intelligence agencies say was conducted by Russia. The Russian government has repeatedly denied hacking the DNC.

In that attack, hackers used "spear phishing," which involves sending bogus emails disguised as legitimate ones to fool recipients into revealing passwords or other sensitive information, or to trick them into downloading malicious software.

As with the DNC attack, hackers from the Russia-linked agency Fancy Bear -- thought to be part of Russia's military intelligence agency, the GRU -- sent phishing emails to Ukrainian oil company Burisma, apparently with hopes of stealing usernames and passwords, The Times reported, crediting Silicon Valley security company Area 1 with discovering the hack.

Hackers managed to fool some Burisma employees into divulging their login credentials that allowed access to one of the company's servers, The Times reported. Hackers directed employees of Burisma subsidies to fake login pages to steal their credentials, Area 1 found.

Area 1 representatives didn't immediately respond to a request for comment.

Watch this: Cyberattack: How we were phished by professional hackers