US charges 7 Russian GRU Officers with International Hacking
On Thursday 4 October a US grand jury indicted 7 Russian GRU Officers for hacking, wire fraud, identity theft and money laundering.
The GRU is the Main Directorate of the General Staff of the Armed Forces of the Russian Federation and is Russia’s largest foreign intelligence agency. It was found that the 7 officers were part of a campaign of retaliation and delegitimization against anti-doping organizations that exposed the Russian state-sponsored athlete doping program.
Russia has a long history of doping in sport, including at the Olympics. It has had 51 medals stripped for doping violations, the most of any country.
The officers are alleged to have hacked into the accounts of anti-doping officials from several agencies in order to steal information and launch an attack to discredit them. There was also evidence of campaigns to tarnish the reputation of other athletes by suggesting they were also doping.
Once the information was stolen, it was distributed on social media under the “Fancy Bears’ Hack Team” alias. Twitter was one of the main social media platforms used. The 7 would contact reporters and leak information to them in order to generate media attention.
The United Kingdom National Cyber Security Centre (NCSC) has identified other hacking groups associated with the GRU. The other hacking groups are: APT 28, Fancy Bear, Sofacy, Pawnstorm, Sednit, CyberCaliphate, Voodoo Bear, Cyber Berkut, BlackEnergy Actors, STRONTIUM, Tsar Team and Sandworm.
APT have hit the headlines before, after they were found to have compromised LoJack, a legitimate piece of software, in order to infiltrate organizations and install malware. Sednit also hit the headlines after it was found that they were responsible for creating the first UEFI rootkit seen in the wild.