Tainted Leaks: Researchers Unravel Cyber-Espionage Attacks

Phishing Emails, Hacked Gmail Addresses Tied to Campaign with Russian Nexus

A cyber-espionage campaign apparently linked to Russia has targeted more than 200 people in 39 countries and leaked victims’ stolen information – sometimes in altered form – as part of a disinformation campaign, according to privacy researchers at Citizen Lab.

The researchers say many of the phishing attacks employ fake – but real-looking – emails from Google, and that successful attacks have resulted in the theft and dumping of documents from victims’ Google Drive accounts.

Some of the dumped documents have first been altered before being released as part of a parallel disinformation campaign, the Citizen Lab researchers write in a new report, Tainted Leaks: Disinformation and Phishing With a Russian Nexus.

Individuals known to have been targeted by attackers include members of 28 governments, as well as a former Russian prime minister, ambassadors, senior military officers and heads of energy companies. The attackers have also targeted “academics, activists, journalists, and representatives of non-governmental organizations,” the researchers say.

Continue reading…