After Trump Win, Russian Hackers Strike US Think Tanks


Russian hackers wasted no time this week, attacking American political think tanks and non-government organizations (NGOs) on Wednesday.

A round of targeted phishing campaigns (attempts to obtain sensitive information by pretending to be a trustworthy entity) came less than six hours after Donald Trump was named President-elect of the US.

According to cyber incident response firm Volexity, the hackers belong to a Russian gang best known for infiltrating computer networks at the Democratic National Committee and the Democratic Congressional Campaign Committee. The group—often referred to as APT29, Cozy Bear, or The Dukes—began targeting research organizations and NGOs in July 2015.

"This represented a fairly significant shift in the group's previous operations and one that continued in the lead-up to and immediately after the 2016 United States Presidential election," Volexity founder Steven Adair wrote in a blog post.

In August, The Dukes launched several waves of highly targeted spear-phishing attacks, sending spoofed email messages that carried backdoor malware dubbed PowerDuke to specific individuals at US-based organizations. The same malware, which allows the hackers to examine and control a system, was used again in this week's post-election intrusions.

As reported by Volexity, two of the attacks purported to be messages forwarded from the Clinton Foundation, two posed as eFax links or documents regarding rigged election results, and the last claimed to be a link to a PDF download on "Why American Elections Are Flawed."

Last month, federal officials said they are "confident" that the Russian government is behind recent attacks on US political organizations, like the DNC. Russian President Vladimir Putin has denied any involvement in those hacks.

"The Dukes continue to launch well-crafted and clever attack campaigns. They have had tremendous success evading anti-virus and anti-malware solutions at both the desktop and mail gateway levels," Adair wrote on Wednesday. "Volexity believes that The Dukes are likely working to gain long-term access into think tanks and NGOs and will continue to launch new attacks for the foreseeable future."
