Russian Hackers Targeted Kyiv Firm Trump Wanted Probe

Published: 15 January 2020

Email PhishingRussian military intelligence tried to hack Ukrainian firm at the center of a scandal that led to President Trump’s impeachment. (Photo: Hivint-Stock-Photos (CC BY 2.0))

By Zdravko Ljubas

Russian hackers tried to steal emails and email credentials from the Ukrainian gas company that found itself last year at the center of a scandal that led to President Donald Trump’s impeachment, a US cybersecurity company said in a report published on Monday.

Hunter Biden, the son of the US Democratic presidential contender Joe Biden, had a seat at the board of the Kyiv-based energy company Burisma Holding.

Trump is suspected of having abused his power by trying to press newly elected Ukrainian President Volodymyr Zelensky into announcing a corruption investigation that would be targeting Biden.

“Beginning in early November of 2019, the Main Intelligence Directorate of the General Staff of the Russian Army (GRU), launched a phishing campaign targeting Burisma Holdings,” the Redwood City (CA)-based Area 1 Security reported.

It said that the phishing campaign was “designed to steal email credentials (usernames and passwords) of employees at Burisma Holdings and its subsidiaries and partners.”

The report also said that in their phishing campaign, GRU agents used fake domains that were designed to imitate the sites of real Burisma subsidiaries.

“The timing of the GRU’s campaign in relation to the 2020 US elections raises the spectre that this is an early warning of what we have anticipated since the successful cyberattacks undertaken during the 2016 US elections,” said the Area 1 Security report, signed by Oren J. Falkowitz, the company’s co-founder and CEO, and co-founder and CSO, Blake Darche.

The same group, known as “Fancy Bear” or “APT28,” breached the Democratic National Committee in 2016 in what US investigators described as part of an operation to disrupt elections, Reuters reminded.

Area 1 Security also said that the same phishing campaign targeted a media organization founded by Zelensky.

Experts who spoke to the New York Times said that the timing and scale of the attacks suggest that the Russians were probably searching for potentially embarrassing material on the Bidens.

Trump reportedly asked for similar information from Ukraine when he pressed for an investigation of the Bidens and Burisma, which later provoked a chain reaction that led to his impeachment.