Russian hackers attempt to deceive German politicians, Bloomberg reveals details
Russian hackers and spies attempted to deceive representatives of German political parties using fake dinner invitations, according to Bloomberg.
Hackers from the APT29 group, linked to the Russian foreign intelligence service, were previously known for attacks on diplomatic institutions.
But this time they focused on political parties. The material writes that this shift indicates a broad threat to European and other Western political parties across the political spectrum.
Chief analyst at Mandiant Intelligence, John Hultquist, said he is concerned that this may not be an isolated incident, and other organizations may become targets of hackers in the near future.
What was the attack about
The attack involved Russian hackers posing as representatives of Germany's center-right Christian Democratic Union party, sending fake dinner invitations via email claiming the dinner would take place on March 1.
The invitation encouraged recipients to click a link, which directed them to a malicious file.
The report added that the shift of Russian hackers to attacks on political parties aligns with Kremlin interests in understanding decision-making processes related to Ukraine and other issues.
Connection to Ukraine
The article notes that some of the hacking tools used by Russian spies in the attack on Germany were first detected by security researchers at the end of January 2024.
"Outside of Ukraine, there is no bigger priority for Russia’s intelligence services right now than monitoring changing Western political dynamics," said Mandiant's chief analyst, Dan Black.
He believes this attack is not just aimed at targeting the CDU or Germany. He thinks it's part of broader Russian efforts to find ways to undermine European support for Ukraine.
Cyberattacks on Ukraine
Recently, a series of cyberattacks by hackers were recorded, during which the perpetrators sent Ukrainian servicemen messages via the Signal messenger with malicious software about recruitment to the 3rd Separate Assault Brigade of the Armed Forces of Ukraine and the Israeli Defense Forces.
Earlier, VEON, the parent company of one of Ukraine's two largest mobile operators, Kyivstar, said that a massive cyberattack on December 12, 2023, would cost it about 3.6 billion hryvnias (around 95 million dollars).