Months-long phishing campaign targets dozens of Russia-focused journalists and NGOs - Bellingcat.com
A sophisticated phishing campaign targeting Bellingcat and other Russia-focused journalists has been much larger in scope than previously thought, and has lasted at least several months. Bellingcat has identified dozens of targeted individuals across Europe and the US, with the earliest reported attack dating back to April 24 2019, and some evidence suggesting the campaign was in the works since as early as March 2018, as Bellingcat.com's experts claimed on August 10. The target list of over 30 individuals using the end-to-end encrypted ProtonMail email service includes journalists, researchers, academics, employees of NGOs, and political activists. (...) Contrary to previous reporting, we have identified that at least some of the phishing attempts have been successful. All targets are involved in work focused on Russia, and most have previously been subject to public attacks – either personally or institutionally – by the Russian government. These accounts may be grouped in the following categories:
- Journalists: including Bellingcat researchers (2), BBC investigative journalist (1), Guardian journalists (3), and journalists from different Russian investigative media (3). At least two of the targeted foreign journalists are known to have previously banned from traveling to Russia.
- NGO’s with a focus on Russia or assisting Russian independent media (10 targets). Several of these organizations asked to not be named publicly, in order to discourage further attacks. The list of NGOs included, for instance, the Prague-based European Values Think Tankwhich has been vocally critical of Russian disinformation efforts in Central Europe, and the Free Russia Foundation.
- Investigators and academics focused on Kremlin’s foreign policy and Russian clandestine operations abroad (6).
Liked the article? Help us be even more cool!