Fancy Bear attacked Ukrainian oil and gas company Burisma
The cybercriminal group Fancy Bear (also known as APT28) organized a phishing campaign aimed at employees of the Ukrainian oil and gas company Burisma Holdings.
According to experts from the security company Area 1 Security, the criminals aimed at two subsidiaries of Burisma - KUB-GAZ and ESKO-PIVNICH - as well as the related CUB Energy Inc. Attackers used similar domains to trick company employees into entering their email passwords. According to experts, Burisma and its subsidiaries use the same mail server.
The company's website has been subjected to numerous hacking attempts over the past six months, but it remains unknown what data the criminals tried to steal. According to experts, the phishing campaign aimed at Burisma employees was successful, and the attackers managed to break into one of the company's mail servers.
Hacking Burisma mail servers could lead to the disclosure of correspondence by Hunter Biden, who served on the company's board of directors from 2014 to 2019. Hunter is the son of Joe Biden, a likely rival in the U.S. presidential election in 2020, incumbent U.S. President Donald Trump. The criminals allegedly sought compromising information on a political rival.