Fancy Bear—the Russian state hacking group that brought you the smash-and-leak attacks on the Democratic National Committee and World Anti-Doping Agency, the NotPetya worm that inflicted billions of dollars of damage worldwide, and the VPN Filter compromise of 500,000 routers—is targeting organizations involved in elections taking place in the US and UK, Microsoft has warned.
Over a two-week period last month, the group attempted attacks on more than 6,900 accounts belonging to 28 organizations, Microsoft said. Between September 2019 and last June, Fancy Bear targeted tens of thousands of accounts belonging to employees of more than 200 organizations. The hackers use two techniques—one known as “brute forcing” and the other called “password spraying”—in an attempt to obtain targets’ Office365 login credentials. So far, none of the attacks has succeeded.