The Ukrainian gas company, currently at the centre of President Donald Trump’s impeachment, was hacked by Russian military agents in November 2019.
Cybersecurity firm, Area 1 Security, has announced its discovery of an active phishing campaign that has been targeting Burisma Holdings, one of the largest private natural gas producers in Ukraine.
Area 1 became aware of the hack after its scanning product discovered suspicious activity online, involving decoy domains for fake websites.
The ongoing phishing campaign, by the Main Intelligence Directorate of the General Staff of the Russian Army (GRU), was targeting employees at subsidiaries and partners of Burisma Holdings.
Employees were being sent what appeared to be internal company emails and fake websites that looked like the login pages of Burisma subsidiaries.
The phishing campaign was launched in early November 2019 and uses the technique of credential harvesting to allow threat actors to observe and gain control of an organisation’s internal systems.
After gaining access to the internal systems, threat actors can impersonate employees, change business outcomes and manipulate public perceptions.
“Cyber campaigns continue to be a geopolitical tool for waging war, influencing election, theft of intellectual property and financial assets, and espionage,” said Oren J. Falkowitz, Chief Executive Officer of Area 1 Security.
“Yet time and again, we see that phishing campaigns like the GRU’s rely on human perception of authenticity, not on cutting-edge technology. Therefore, phishing campaigns are not insurmountable – and they can be stopped.”
The gas company recently got itself tangled in U.S foreign and domestic politics, being at the centre of impeachment proceedings against President Trump.
In December, President Trump was impeached over allegations that he pressured Ukrainian President Zelensky to launch an investigation into Burisma and the Bidens. Trump is now due to stand trial in the Senate for the abuse of power and obstruction of Congress.
The post #Privacy: Ukrainian gas company targeted by Russian hackers appeared first on PrivSec Report.