‘Russian FSB hacked British politicians for years to leak secrets’


The Russian secret service FSB has been hacking British politicians and celebrities for years to extract information, the British government claims. Among other things, the FSB is said to have later leaked that information in order to undermine democratic processes.

According to the British government, the group uses spear phishing, among other techniques, to obtain information and gain access to email accounts. In spear phishing, criminals pretend, for example in an email, to be someone the target knows. The hackers are said to have been active since 2015 and to target British politicians, universities, journalists, foundations, think tanks and other organizations. The group is also said to have leaked trade documents with the United States, obtained through hacks, before the 2019 British elections.

The hacks are said to have been carried out by a group known as Callisto Group, Seaborgium, Coldriver or Star Blizzard, and led by FSB unit Center 18. The group is said to ‘selectively leak’ stolen information, in line with the ‘confrontation goals’ of the Russian government. For example, the Russian government is said to want to undermine confidence in the British ‘and similar’ democratic systems.

The British government says two Russians who are members of the hacking group are being sanctioned and charged because of the hacks. The US government is also said to be imposing sanctions on the duo. The Russian ambassador is also being summoned. The group is said to be mainly active in the United Kingdom and the United States, and to a lesser extent in other NATO member states.

According to the UK National Cyber Security Centre, or NCSC, the group first researches the target via social media to map the target’s hobbies and contacts. It then creates email accounts and social media accounts in which the attackers pretend to be, for example, experts. These email accounts use domain names that are meant to resemble the domain names of existing companies. The criminals then contact the target, but initially keep the contact innocuous in order to build trust.

Only when this trust has been built do the criminals send a link to a site controlled by the hackers. This site resembles the login page of a well-known platform and asks the user to log in. By using the EvilGinx framework, the hackers can obtain login details and session cookies, according to the NCSC. The hackers also use these session cookies to bypass 2FA checks. After this, the criminals log in to the victim’s email account, where they steal emails and attachments and ensure that new emails are automatically forwarded to them. They also gain access to the victim’s contact lists, which they use to find new targets, and they use the email account to send new phishing emails.
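The lookalike sender domains described above can be checked for on the receiving side. The following is an added example, not code from the NCSC or from the article: it flags a sender domain that is close to, but not equal to, a trusted domain. The trusted list, the substitution table, the distance threshold and all domain names are assumptions constructed for illustration.

```python
# Added example: flag sender domains that imitate, but do not equal, a trusted domain.
# TRUSTED and every sample domain are constructed placeholders.
TRUSTED = ["example.org", "example-university.ac.uk"]

# Assumed table of common character swaps, folded before comparison.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "|": "l"})


def normalize(domain: str) -> str:
    """Lower-case the domain and fold visually similar characters."""
    d = domain.strip().lower().rstrip(".").translate(HOMOGLYPHS)
    return d.replace("rn", "m").replace("vv", "w")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert, delete, substitute), row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(sender_domain: str, trusted=TRUSTED, max_distance: int = 2):
    """Return (trusted_domain, distance) if the sender imitates one, else None."""
    raw = sender_domain.strip().lower().rstrip(".")
    if raw in trusted:
        return None  # exact match: the genuine domain
    norm = normalize(raw)
    best = None
    for t in trusted:
        dist = edit_distance(norm, normalize(t))
        # Distance 0 after folding means a pure homoglyph swap.
        if dist <= max_distance and (best is None or dist < best[1]):
            best = (t, dist)
    return best


if __name__ == "__main__":
    for d in ["example.org", "examp1e.org", "exarnple.org", "unrelated-site.net"]:
        print(d, "->", lookalike_of(d))
```

Run it against the domain part of the From and Reply-To headers of inbound mail; very short trusted domains need a lower `max_distance` to avoid false positives.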
