'Fancy Bear' Targets Ukrainian Oil Firm Burisma in Phishing Attack

The oil & gas company is at the heart of the ongoing US presidential impeachment case.

Dark Reading Staff, Dark Reading

January 15, 2020

1 Min Read
Dark Reading logo in a gray background | Dark Reading

Burisma Holdings, a Ukrainian oil & gas company, has been hit with a phishing campaign that began in early November 2019 and is ongoing, according to Area 1 Security, which spotted the campaign it says came out of the Main Intelligence Directorate of the General Staff of the Russian Army (GRU).

The attack on Burisma, the Ukrainian company at the center of the current presidential impeachment case, was first reported by The New York Times last night. Intelligence agencies reportedly compared the new attack to that against Hillary Clinton's 2016 presidential campaign by the GRU's Fancy Bear hacking team. The payloads appear designed to gather login credentials from targeted email recipients.

The phishing campaign is running alongside active intelligence activities on the part of Russian actors, aimed at gathering information that could be damaging to Democratic candidate Joe Biden and his family, the Times reported. 

Area 1 disclosed details on the attack today in a new report.

For more, read here and here.

Edgepromohorizontal.jpgCheck out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "6 Unique InfoSec Metrics CISOs Should Track in 2020."

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights