Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences

  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.
Sign in / up

Security

Russian hackers target MH17 journalists for embarrassing Putin

State threat actors are a reality for today's scribes

icon John Leyden
Thu 29 Sep 2016 // 13:07 UTC

Journalists investigating the downing of the MH17 flight over eastern Ukraine in 2014 have been hacked by Russia, according to security intelligence outfit ThreatConnect.

The Joint Investigation Team (JIT) recently announced that Malaysia Airlines flight MH17 was shot down over Eastern Ukraine in July 2014 by a missile transported from Russia.

Investigative journalism group Bellingcat, whose reports were consulted by the JIT during the investigation, were targeted in a series of sophisticated hacks.

These assaults included spearphishing, credential harvesting, SMS spoofing and more, as explained in a blog post by ThreatConnect (extract below).

[Bellingcat founder Eliot] Higgins shared data with ThreatConnect that indicates Bellingcat has come under sustained targeting by Russian threat actors, which allowed us to identify a 2015 spearphishing campaign that is consistent with FANCY BEAR’s tactics, techniques, and procedures. We also analyzed a February 2016 attack by CyberBerkut – a group claiming to be pro-Russian Ukrainian hacktivists but also a suspected front for Moscow – against Russia-based Bellingcat contributor Ruslan Leviev, where CyberBerkut defaced the Bellingcat website and leaked Leviev’s personal details.

ThreatConnect’s research shows a “similarity in the attack patterns to those adopted by Russia” against other targets to those slung against Bellingcat.

“Organisations which negatively impact Russia’s image can expect cyber operations intended to retaliate or maliciously affect them,” ThreatConnect notes, adding that the assault is “symptomatic of a wider trend of state actors attempting to hack and disrupt private enterprises” such as the recent hacks against the World Anti-Doping Agency.

Previous research by Trend Micro fingered Russian hackers as prime suspects in the attempted theft of sensitive data from the team investigating the downed Malaysia Airlines MH17 flight. ®

Similar topics

×

Similar topics

Narrower topics

Broader topics

Similar topics

COMMENTS

Similar topics

×

Similar topics

Narrower topics

Broader topics

TIP US OFF

Send us news

Other stories you might like