E-mails phished from Russian critic were “tainted” before being leaked

Enlarge / This fraudulent e-mail was sent in a successful attempt to phish the Gmail password for reporter David Satter. (credit: Citizen Lab)

E-mails stolen in a phishing attack on a prominent critic of Russian President Vladimir Putin were manipulated before being published on the Internet. That’s according to a report published Thursday, which also asserts that the e-mails were manipulated in order to discredit a steady stream of unfavorable articles.

The phishing attack on journalist David Satter’s Gmail account was strikingly similar to the one that hit Hillary Clinton presidential campaign chairman John Podesta last year. The attack on Satter looked almost identical to the security warnings Google sends when attackers obtain a subscriber’s password. Code embedded inside led Satter to a credential-harvesting site that was disguised to look like Google’s password-reset page. With that, the site automatically downloaded all of Satter’s private correspondence.

Thursday’s report from the University of Toronto’s Citizen Lab stopped short of saying Russia’s government was behind the phishing attack and subsequent manipulation of Satter’s e-mail. US intelligence officials, however, have determined that Russia was behind the attacks on Podesta and other Democratic officials. Thursday’s report also said the same attack on Satter targeted 218 other individuals, including a former Russian Prime Minister, members of cabinets from Europe and Eurasia, ambassadors, high-ranking military officers, and CEOs of energy companies.

Read 4 remaining paragraphs | Comments