White House hackers 'Russian speakers': researchers

April 22, 2015

Hackers who penetrated the State Department and White House computer networks in recent months were "Russian speakers," security researchers said Wednesday.

The hackers have aimed at high-profile targets including US government and commercial networks, as well as targets in Germany, South Korea and Uzbekistan, according to researchers at Kaspersky Lab, a Russian-headquartered security firm.

The malware used, dubbed "CozyDuke," bears similarities to other malicious programs used in recent years and is designed to get around most detection programs.

Kaspersky said CozyDuke's coding is related to the similar malware MiniDuke and CosmicDuke.

"We have been monitoring both MiniDuke and CosmicDuke for a couple of years. Kaspersky Lab was the first to warn about MiniDuke attacks in 2013, with the oldest known samples for this cyberthreat dating back to 2008," said Kaspersky researcher Kurt Baumgartner.

"CozyDuke is definitely connected to these two campaigns, as well as to the OnionDuke cyberespionage operation. Every one of these threat actors continues to track their targets, and we believe their espionage tools are all created and managed by Russian-speakers."

According to Kaspersky, this group is responsible for the attack on the State Department which allowed hackers to access the White House.

Last year, White House officials acknowledged a computer intrusion but said no classified data was accessed, and did not comment on reports linking the attack to Russian .

Kaspersky said a key element of the attacks was the use of "spearphishing," or emails that appear legitimate but contain attachments that install malware when a recipient clicks on them.

One of the attachments was an amusing "office monkeys" video which appears to be innocent.

"These videos are quickly passed around offices with delight while systems are infected in the background silently," the Kaspersky report said.
