A new cybersecurity report says the Russian Main Intelligence Directorate, or GRU, hacked Burisma, the Hunter Biden-affiliated company at the center of the impeachment scandal. The report claims that Russia is possibly gearing up for a 2016-style hack-and-dump campaign with the fruits of the breach. (The GRU, after all, was at the center of that effort, and saw a dozen of its employees indicted for the campaign by Special Counsel Robert Mueller’s office.) But how much do we really know about the reported attempt? Did hackers actually get in and grab some data?
Welcome to Rabbit Hole.
Attribution: The strongest evidence of a possible GRU interest in hacking Burisma didn’t come from the report from the firm Area 1 that ricocheted around the internet on Monday. It came from another cybersecurity firm weeks ago. Kyle Ehmke, a threat intelligence researcher at ThreatConnect, keeps a close eye on website registrations that look like they’re going to be used in spear-phishing campaigns run by nation states. In December, Ehmke flagged a handful of domains that Area 1 later included in their report.