Clinton hack group sent phishing emails to French presidential candidate

Japanese security firm Trend Micro warns that the group that appears to be responsible for the Clinton hacks is targeting French presidential candidate Emmanuel Macron with a phishing campaign.

The report, which has been read by The New York Times, among others, states that the company found in March that phishing emails were being sent to Macron’s campaign staff. These were provided with URLs such as ‘onedrive-en-marche’ and ‘mail-en-marche’ in reference to the name of Macron’s party, which called ‘En Marche!’, or ‘In Motion!’ reads. The websites were part of a collection of addresses previously used by the group, according to Trend Micro.

The company identifies the group responsible as APT28, Pawn Storm, Sofacy or Fancy Bear. These are all names for the group of Russian origin that is also said to be responsible for the hacks on the American Democratic Party. A Trend Micro spokesperson told Reuters that the phishing sites showed the same fingerprints as the campaign at the time. Russia responded to the report by stating that “it has never interfered in foreign elections.”

Mounir Mahjoubi, the digital chief of Macron’s campaign, confirmed that phishing emails had arrived. The pages on the different URLs would be identical to existing pages, from which he infers that the attackers have knowledge and money. The purpose of the sites was to intercept passwords and usernames of campaign employees. None of the employees have entered their details, Mahjoubi said.

The first round of voting in the French presidential election took place on April 23. The second round is scheduled for May 7. Macron managed to get the most votes in the first round.