Russia launches spear-phishing campaign through U.S. gov’t emails

Dates on Trump File reflect when something happens, not when it's first reported.

Sometime in the days leading up to May 24, hackers working for Russia’s SVR intelligence agency begin sending malicious emails to more than 3,000 people through an email system used by the U.S. Agency for International Development (USAID).

The emails, which include a path for hackers to gain unlimited access to the computer systems of recipients, likely began going out sometime last week and are reported to the public by Microsoft on May 27. Russian agents targeted and continue to target human rights groups, think tanks, and other U.S. organizations that have been critical of Vladimir Putin.

In essence, the Russians got into the Agency for International Development email system by routing around the agency and going directly after its software suppliers. Constant Contact manages mass emails and other communications on the aid agency’s behalf…. By breaching the systems of a supplier used by the federal government, the hackers sent out genuine-looking emails to more than 3,000 accounts across more than 150 organizations that regularly receive communications from the United States Agency for International Development. Those emails went out as recently as this week, and Microsoft said it believes the attacks are ongoing.

The Boston Globe

The emails include a line of linked text, such as “Donald Trump has published new emails on election fraud,” that, when clicked, drops malicious files onto the computers of the recipients.

Microsoft

Russia’s SVR is also responsible for the SolarWinds breach last year, whose victims included many U.S. agencies, the military, the federal courts system, and over 80 percent of the country’s Fortune 500 companies.

At the time of this writing, it’s unclear how many of the 3,000 emails were successful in infecting computer systems and which agencies have been breached. The Biden White House downplays the attack, saying this kind of breach is typical of daily cyber concerns for the U.S. government.

External Sources

Wired (Archived)

MSN / Boston Globe (Archived)

The New York Times (Archived)

Photo: DMITRI LOVETSKY/REUTERS

Note From TF

Some Trump File posts are incomplete as the site is still young and Trump world moves fast. Please use the source links to read further if a topic interests you or if you doubt its authenticity. If a post does not have source links, it is an early draft and will be updated soon. I plan to go back and build on every post in the future.

If there is content you'd like to add context to or something that should be corrected, please contact TF by clicking here or email us at trumpfile@protonmail.com. You can also find us on Twitter.
