White House hackers 'Russian speakers': researchers

April 22, 2015

Hackers who penetrated the State Department and White House computer networks in recent months were "Russian speakers," security researchers said Wednesday.

The hackers have aimed at high-profile targets, including US government and commercial networks as well as targets in Germany, South Korea and Uzbekistan, according to researchers at Kaspersky Lab, a Russian-headquartered security firm.

The malware used, dubbed "CozyDuke," bears similarities to other malicious programs used in recent years and is designed to get around most detection programs.

Kaspersky said CozyDuke's coding is related to the similar malware MiniDuke and CosmicDuke.

"We have been monitoring both MiniDuke and CosmicDuke for a couple of years. Kaspersky Lab was the first to warn about MiniDuke attacks in 2013, with the oldest known samples for this cyberthreat dating back to 2008," said Kaspersky researcher Kurt Baumgartner.

"CozyDuke is definitely connected to these two campaigns, as well as to the OnionDuke cyberespionage operation. Every one of these threat actors continues to track their targets, and we believe their espionage tools are all created and managed by Russian-speakers."

According to Kaspersky, this group is responsible for the attack on the State Department which allowed hackers to access the White House.

Last year, White House officials acknowledged a computer intrusion but said no classified data was accessed, and did not comment on reports linking the attack to Russian .

Kaspersky said a key element of the attacks was the use of "spearphishing," or emails that appear legitimate but contain attachments that install malware when a recipient clicks on them.

One of the attachments was an amusing "office monkeys" video which appears to be innocent.

"These videos are quickly passed around offices with delight while systems are infected in the background silently," the Kaspersky report said.
