Weekly newsletter

Russian Hacker Group Likely Behind Cyberattack Against Hungarian Journalists

Péter Cseresnyés 2021.10.11.

Last week, Google warned thousands of its users worldwide, including several Hungarian investigative journalists, of a government-backed cyberattack. At the time the company did not specify which government the attack might come from. However, Google has now released a statement according to which it was a state-sponsored phishing campaign from Russian government hacking group, APT28.

As we previously reported, last week Google warned several Hungarian investigative journalists that they were potential targets of a government-backed cyberattack, in attempts to access their accounts.

Google Warns Hungarian Journalists of Gov't-Backed Cyberattack
Google Warns Hungarian Journalists of Gov't-Backed Cyberattack

"The alert warns the user that they are a potential target for a follow-up attack, so it's time to take security measures," the director of Google's Threat Analysis Group, Shane Huntley said.Continue reading

The list of the targeted individuals includes Tamás Bodoky, editor-in-chief of Átlátszó, András Lőke, editor-in-chief of ittlakunk.hu, and HVG journalist, Bihari Ádám.

Google did not specify which government the attack came from, as according to their security message this would allow the attackers to figure out how the security systems had been able to identify the breach attempt, a security message explained.

According to an article by BleepingComputer, Google alerted approximately 14,000 users that they had been targets of hackers.

Shane Huntley, the head of the Threat Analysis Group (TAG), Google’s anti-hacker team wrote on Twitter that his team had sent an “above average batch” of warnings.

In a statement sent by a Google spokesperson, Huntley said that the warnings were related to a recent phishing campaign “targeting a large volume of Gmail users” by APT28, also known as Fancy Bear, a threat group that has been linked to the Russian government.

Huntley said that Fancy Bear’s phishing campaign accounted for 86% of all the batch warnings delivered this month. He also outlined that these notifications indicate targeting of the recipient, not a compromise of their Gmail account.

The news about the Russian phishing campaign comes on the heels of the Pegasus scandal in which among others, Hungarian investigative journalists and public figures were monitored using an Israeli spyware capable of hacking smartphones.

Featured photo illustration via Pixabay