The Wall Street Journal reports: Hackers matching the profile of a pro-Kremlin group have tried in recent weeks to access campaign email accounts of French presidential candidate Emmanuel Macron, a cybersecurity firm said Monday, raising fears of election interference in the final two weeks of the France’s presidential campaign.
In a report set to be published Tuesday, security-research firm Trend Micro identified a pro-Kremlin hacking group it calls Pawn Storm as the likely source of a multipronged phishing attack that started in mid-March against Mr. Macron’s campaign.
As part of the attack, hackers set up multiple internet addresses that mimicked those of the campaign’s own servers in an attempt to lure Mr. Macron’s staffers into turning over their network passwords, said Feike Hacquebord, a senior threat researcher for Tokyo-based Trend Micro and the author of the report, a copy of which was reviewed by The Wall Street Journal.
Mounir Mahjoubi, digital director of Mr. Macron’s campaign, confirmed the attempted hacking, saying that several staffers had received emails leading to the fake websites. The phishing emails were quickly identified and blocked, and it was unlikely others went undetected, Mr. Mahjoubi said.
“We can’t be 100% sure,” he said, “but as soon as we saw the intrusion attempts, we took measures to block access.”
The hacking group Pawn Storm, which is known to other cybersecurity firms as Fancy Bear or APT28, was identified by U.S. officials and cybersecurity experts last year as a Russian state-backed organization. They said the group had carried out hacks to obtain and subsequently leak emails from the Democratic National Committee and Hillary Clinton’s campaign chairman during last year’s U.S. presidential election, allegations that Russia denied. [Continue reading…]