TeamHood German Parliament members emails were targeted in a spearphishing attack. The extent of data compromised is not yet known. Attackers targeted German politician by sending emails from an account name Der Spiegel.
It is reported the seven German federal parliamentarians and 31 members of German regional parliamentarians accounts were compromised in the attack.
Most parliament members targeted in this attack are part of the CDU/CSU and SPD governing parties.
A Bundestag spokesperson said that the attackers didn’t target the Bundestag’s network. After the attack was detected, all targeted parliament members were immediately notified.
As per updates from German security authorities attack suspect is a Russian military intelligence hacking group dubbed Ghostwriter.
Ghostwriter has been running “information operations” pushing narratives aligned with Russian security interests since March 2017.
The hacking group has used fabricated personas posing as journalists and analysts to target Lithuanian, Latvian, and Polish audiences with anti-North Atlantic Treaty Organization (NATO) narratives disseminated using compromised websites and spoofed email accounts.
“The Ghostwriter campaign leverages traditional cyber threat activity and information operations tactics to promote narratives intended to chip away at NATO’s cohesion and undermine local support for the organization in Lithuania, Latvia, and Poland,” FireEye said.
