Hackers from Russia’s military intelligence unit, the GRU, have allegedly targeted a Ukrainian energy firm tied to the impeachment proceedings against U.S. President Donald Trump.
Cybersecurity experts at California-based Area 1 Security released a report on Monday that found Burisma Holdings, where the son of presidential front-runner Joe Biden sat on the board, was successfully penetrated in a wide-ranging phishing campaign that stole e-mail credentials of employees.
It isn’t clear if anything was stolen from the company or its subsidiaries, which were initially targeted, if any information was gleaned, and what the ultimate goal of the hackers was.
Hunter Biden, the son of former Vice President Joe Biden, was a board member of Burisma from 2014 until last year.
Trump asked Ukrainian President Volodymyr Zelenskiy to “look into” allegations of wrongdoing by the Bidens and the energy firm in a July 25 phone call. Their conversation was the subject of an ensuing whistle-blower’s complaint that triggered the impeachment investigation, which began in September.
The U.S. president has since been charged with abuse of office and obstruction of Congress by the Democratic-led House of Representatives, which is scheduled on January 14 to vote on the timing of when to send the articles of impeachment to the Republican-controlled Senate for a trial on whether to remove him from office.
No evidence of corruption by either of the Bidens has surfaced in light of allegations by Trump’s personal lawyer, Rudy Giuliani, that the former vice president sought to protect his son by pressuring Ukrainian officials.
Evidence has yet to emerge of allegations that Joe Biden pushed for the ouster of Ukraine’s chief prosecutor when he served as vice president and was seen as then-President Barack Obama’s point man on Ukraine.
U.S. allies in Europe and Ukraine’s international lenders supported Joe Biden because successive chief prosecutors were believed to have been either obstructing or stalling investigations into high-profile corruption cases, including probes into Burisma.
The alleged hacker group used a similar phishing pattern and is directly connected to Fancy Bear, the same Russian cyber-infiltrators of the Democratic National Committee in the months leading up the 2016 presidential election that Trump, a Republican, won.
The GRU featured prominently in the Mueller report on Russian interference in the 2016 presidential campaign, which concluded that Russia hacked the Democratic Party and Hillary Clinton’s campaign to help Trump.
Russia has denied meddling in the 2016 presidential campaign and election.
Area 1’s eight-page report said the cyberattacks on Burisma began in November, when Ukraine and impeachment, as well as talk of the Bidens, were dominating news headlines in the United States.
Zelenskiy Firm Targeted
“Area 1 Security has also further connected this GRU phishing campaign to another phishing campaign targeting a media organization founded” by Zelensky, the report said.
The New York Times, which first wrote about the anti-phishing company’s report, said the attack “appears to have been aimed at digging up e-mail correspondence” of Studio Kvartal 95, which then was headed by Ivan Bakanov, whom Zelenskiy appointed as head of Ukraine’s Security Service in June.