Hackers have targeted election campaign of Macron, says cyber firm

Adjust Comment Print

People walk past campaign posters of Marine Le Pen (L), French National Front (FN) political party leader, and Emmanuel Macron (R), head of the political movement En Marche!

Security researchers at the cybersecurity firm, Trend Micro, said that on March 15 they spotted a hacking group they believe to be a Russian intelligence unit turn its weapons on Mr. Macron's campaign - sending emails to campaign officials and others with links to fake websites created to bait them into turning over passwords.

The firm was unable to tell whether any campaign staffers actually fell into any traps, or whether any campaign materials were compromised.

The Tokyo-based firm said it recently detected four Macron-themed fake domains being set up on digital infrastructure used by a group it has followed for years called Pawn Storm.

Russian citizens "are also targeted by Pawn Storm", the paper claimed, adding that "journalists, software developers, politicians, researchers at universities, and artists" fell prey to hackers.

French presidential candidate Emmanuel Macron attends an event on Monday in Paris.

He will face off on May 7 against anti-immigrant, anti-EU candidate Marine Le Pen, who came second with 21.3%, beating establishment candidates from France's two largest political parties.

Security firm, Trend Micro, released a paper today detailing Pawn Storm's operations within the last two years.

Pawn Storm - also known as Sednit, Fancy Bear, APT28, Sofacy and Strontium - is becoming more aggressive in its efforts to influence politics, and email is at the core of most attacks, security researchers have found.

"As things stand now, it's nothing but fake news", Peskov said.

Mahjoubi said the attempts to penetrate the Macron campaign dated to December 2016.

A report this month by Denmark's Center for Cyber Security detailed a string of phishing attacks against the Danish armed forces and the ministries of defence and foreign affairs during 2015 and 2016 which it blamed on APT 28, or Pawn Storm.

She said that the attempt was "absolutely not successful", but that hackers tried to gain access to campaign workers' passwords so that they could access their email. Macron favors a strong European Union, while Le Pen wants to pull France out of the bloc, weakening it.

Russian media have circulated unsubstantiated claims, for instance, that he had had a gay love affair, that he was an agent of United States banks, and that he was financed by Saudi Arabia. "Given that Le Pen is so far back in the polls, my hunch is that - as with the US - the Russian game plan will not be primarily about making her win, but rather about sowing doubt/discord/confusion".

The news comes as officials are continuing to investigate interference in the 2016 presidential elections in the US, including possible ties between Russian Federation and members of President Donald Trump's campaign.

Macron's campaign spokeswoman, Laurence Haim, told NBC News it was a "sophisticated" phishing attack.

At a minimum, Khatod said there is no excuse not to implement the Dmarc (domain-based message authentication, reporting and conformance) email authentication policy to help identify and block malicious emails impersonating trusted domains.

Kremlin spokesman Dmitry Peskov on Monday also brushed off the allegations, which have been circulating for weeks.