Posted on January 15, 2018 at 7:50 AM
The Russian hacking group Fancy Bear has been discovered mimicking the Senate’s login server and trying to mislead Senate members into entering their login credentials on the fake server.
Newly surfaced research confirms that the Russia-affiliated hacking group Fancy Bear has been targeting the United States Senate. The group has previously been accused of interfering in the French presidential election as well as infiltrating the Democratic National Committee.
According to a recent report published by the cybersecurity firm Trend Micro, Fancy Bear launched a campaign in June 2017 that attempted to infiltrate the US Senate system. The hacking group created websites that pose as the Senate’s login server, in hopes of misleading Senate members into entering their login credentials on the fake server.
The phishing campaign has raised a lot of suspicion about what exactly the hacking group is planning, especially considering their alleged affiliation with the Kremlin. The research states that the phishing campaign is perhaps phase one of a greater scheme to compromise Senate members and staff.
The fraudulent login servers have been designed to look exactly like the actual login page, which runs on Windows. The actual Senate page, however, is not available to the public and can only be accessed by Senate members when they are on the internal Senate network. The report by Trend Micro warns that this fraudulent server is perhaps merely a preparatory step.
The researchers note that once the hackers gain access to just one user’s login credentials, they can use the information to target higher-ranking Senate members.
In addition, the report discusses earlier successful campaigns by the Russian hacking group. Fancy Bear was previously involved in a host of other hacking campaigns, including one that targeted sports organizations related to the Olympics, as well as Iran during the 2017 presidential election period.
Fancy Bear has also been accused of compromising the DNC as well as other liberal political organizations during the 2016 US presidential campaign. According to researchers and US officials, Fancy Bear worked alongside another hacking group, known as Cozy Bear.
The hackers demonstrated a wide array of hacking techniques during their campaigns, including highly sophisticated techniques which infiltrated secure computer servers. However, similar techniques were also used by Russian cyberspies to target institutions and people such as Hillary Clinton’s presidential campaign manager, John Podesta. This technique relies on misleading targeted individuals into entering their login details on fraudulent servers.
US intelligence has confirmed that Moscow published the stolen emails and other questionable documents using cyber pseudonyms or other platforms, such as DC Leaks, or by posing as a hacker called “Guccifer 2.0”.
Trend Micro has been investigating Fancy Bear for quite some time. Shortly before the 2017 French presidential election was to take place, Trend Micro discovered that Fancy Bear was targeting employees from Emmanuel Macron’s election campaign. Despite the leaked emails, Macron won against a far-right candidate who had ties to the Kremlin.