The campaign of the French presidential candidate Emmanuel Macron has been targeted by what appear to be the same Russian operatives responsible for hacks of Democratic campaign officials before last year’s American presidential election, a cybersecurity firm warns in a new report.
The report has heightened concerns that Russia may turn its playbook on France in an effort to harm Mr. Macron’s candidacy and bolster that of Mr. Macron’s rival, the National Front leader Marine Le Pen, in the final weeks of the French presidential campaign.
Security researchers at the cybersecurity firm, Trend Micro, said that on March 15 they spotted a hacking group they believe to be a Russian intelligence unit turn its weapons on Mr. Macron’s campaign — sending emails to campaign officials and others with links to fake websites designed to bait them into turning over passwords.
The group began registering several decoy internet addresses last month and as recently as April 15, naming one onedrive-en-marche.frand another mail-en-marche.fr to mimic the name of Mr. Macron’s political party, En Marche.
Those websites were registered to a block of web addresses that Trend Micro’s researchers say belong to the Russian intelligence unit they refer to as Pawn Storm, but is alternatively known as Fancy Bear, APT 28 or the Sofacy Group. American and European intelligence agencies and American private security researchers determined that the group was responsible for hacking the Democratic National Committee last year.
On Tuesday, Trend Micro’s researchers plan to release their report detailing cyberattacks in recent weeks against Mr. Macron’s campaign — as well as members of Germany’s Konrad-Adenauer Stiftung, a political foundation linked to Chancellor Angela Merkel’s political party — in what appears to be the latest Russian effort to influence political outcomes in the West.
The Kremlin scoffed at the report. Dmitri S. Peskov, the spokesman for President Vladimir V. Putin, said Monday in Moscow that “this all recalls the accusations that came from Washington and which are still suspended in thin air.” In remarks to Russian news media, he added that Russia had “never interfered” in foreign elections.
But the report’s findings gave some credence to the “strong suspicions” voiced weeks before Sunday’s voting by Mr. Macron’s digital director, Mounir Mahjoubi, that Moscow was the source of what he said had been a barrage of “highly sophisticated” efforts to gain access to the campaign’s email accounts.
Mr. Mahjoubi said in an interview Monday and earlier in April that he had no proof of a Russian role, but that the nature and timing of so-called phishing attacks and web assaults on the Macron campaign had stirred worries that Russia was repeating in France what American intelligence agencies say was a concerted effort to undermine Hillary Clinton’s campaign.
“The phishing pages we are talking about are very personalized web pages to look like the real address,” Mr. Mahjoubi added. Anyone could easily think he was logging into his own email. “They were pixel perfect,” he said Monday night. “It’s exactly the same page. That means there was talent behind it and time went into it: talent, money, experience, time and will.”
You can read the rest at the New York Times.