US cyber firms: Kremlin-linked hackers may have impersonated State Dept. employee
Kremlin-linked hackers may be behind a campaign to infect U.S. networks through impersonating State Department employees, according to a pair of U.S. cybersecurity firms.
Crowdstrike and FireEye told The Hill on Friday that for the past two days cyber actors have sent emails designed to look as though they're originating from the account of a State Department public affairs staffer, and that the emails include links to a compromised website.
The firms said they are attempting to attribute the source of the phishing emails, while noting that the actions appear to be similar to those of a hacking group linked to the Russian government.
A State Department spokesperson told The Hill that the agency is aware of the findings of the two cyber firms and that the actions are indicative of the kind of common malicious activity that affects many organizations.
https://thehill.com/policy/cybersecurity/417179-security-firms-say-kremlin-linked-hackers-may-have-impersonated-state