Russian hacker group 'CyberBerkut' returns to public light with allegations against Clinton

The mysterious CyberBerkut group even has an emblem. It's a parody of one associated with a defunct Ukrainian military police force. (Access via CC0)

Share

Written by

A Twitter account tied to a group that the Defense Intelligence Agency recently described as “Russian hackers … supporting Russia’s military operations” returned to the spotlight Wednesday by posting a message that alleges Ukrainian government officials and businessmen laundered money and sent it to Hillary Clinton by making donations to the Clinton Foundation.

These allegations, a vague and loosely defined set of financial connections described in a single graphic and related blog post, could not be confirmed. The blog post alludes to an inappropriate relationship between Ukrainian billionaire Victor Pinchuk and the Clinton family. But emails that were supposedly stolen and posted in this blog post do not prove that such a conspiracy occurred. An attempt to contact the group went unanswered.

The Tweet posted Wednesday by this “CyberBerkut” group is the first such message posted publicly since January after the account shared an image of a redacted email it claims revealed plans by the U.S. government to doctor evidence to suggest that Russian hackers had interfered in the 2016 U.S. election.

It’s unclear whether Russian hackers are behind the Twitter account or what motivated the account to post content again. The development comes less than 24 hours after news broke that Donald Trump Jr., the president’s son, had met with a lawyer tied to the Kremlin during the 2016 campaign.

“CyberBerkut is a front organization for Russian state-sponsored cyber activity, supporting Russia’s military operations and strategic objectives in Ukraine,” the Defense Intelligence Agency noted in a recent report detailing Russian military capabilities. The agency specializes in military and defense intelligence and reports directly to the secretary of Defense.

“CyberBerkut employs a range of both technical and propaganda attacks, consistent with the Russian concept of ‘information confrontation,'” the agency notes.

Intelligence officials and private sector cybersecurity analysts say that since 2014, CyberBerkut has been involved in cyber-espionage, information warfare operations and disruptive computer network intrusions, including a distributed denial of service attack against NATO, Ukraine and German government websites.

In the past, a significant percentage of CyberBerkut’s known hacking campaigns focused on Ukraine. Some experts describe the group as a loose collective of hackers aligned with Russian interests, but not a direct extension of Russian intelligence services. The underlying identify of CyberBerkut remains a mystery.

“CyberBerkut uses information gained through … hacks to discredit the Ukrainian government. The intent is to demoralize, embarrass, and create distrust of elected officials,” a recent DIA report reads.

The Office of the Director of National Intelligence published a report in January stating that individuals under the order of the Russian government had hacked into multiple U.S. political organizations, leaked confidential information and leveraged digital propaganda against U.S. citizens ahead of the 2016 presidential election.

-In this Story-

APT28, APT29, cyberberkut, cybersecurity, Defense Intelligence Agency, Hillary Clinton, information warfare, news, propaganda, Russia, U.S.
Continue to CyberScoop.com