Suspected Russian hackers used new tactic against UK researcher
FILE PHOTO: A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration/ File Photo
LONDON - Suspected Russian hackers have deployed a new tactic to trick even wary targets into compromising their own accounts, a victim of the spy campaign and researchers said on Wednesday.
Last month hackers masquerading as a U.S. State Department employee who said her name was Claudie Weber invited British researcher Keir Giles to a meeting she said required the use of a secure government programme, according to emails reviewed by Reuters.
Although Weber used a Gmail address, she spoke idiomatic English and copied her purported work address and State Department colleagues throughout the exchange.
Giles, a senior consulting fellow of the Russia and Eurasia programme at London's Chatham House, has been targeted by hackers and spies previously and said he is typically on his guard about unsolicited pitches.
However, Giles was taken in by Weber's patience over nearly two weeks of correspondence, the professionally produced material she attached to her email, and the fact that other State Department officials appeared to be copied on the conversation.
Giles eventually provided Weber with an app-specific password, a kind of credential which can be used to help third party applications access email accounts but can also be abused to bypass password protection.
In a blog post, Alphabet's Google attributed the hack to the Russian government, based on similar activity it had seen previously.
The Russian Foreign Ministry did not immediately return messages seeking comment about Google's findings.
Giles said there had been "an impressive amount of effort to make this a seamless operation".
"There's nothing which, to me, even in retrospect, was a red flag," he said.
Although it was not possible to say for sure whether the hackers used large language models - typically dubbed artificial intelligence - to help draft messages to Giles, the fluency of the exchange suggests that hackers may be using such programmes, marking an upgrade from the typo-strewn, panic-inducing messages often associated with "smash-and-grab phishing", said John Scott Railton, a researcher with the University of Toronto-based Citizen Lab, which investigated Giles' hack.
"This is the kind of attack almost anyone could have fallen for," he added.
Reuters could not reach Weber, whose email is now inactive, or find any trace of her or the other purported State Department officials on the exchange with Giles.
Citizen Lab in its report said that sending messages to non-existent State employees does not produce an error message, which the hackers may have taken advantage of in their interactions with Giles.
The U.S. State Department did not immediately return a message seeking comment. REUTERS
Join ST's Telegram channel and get the latest breaking news delivered to you.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Straits Times
41 minutes ago
- Straits Times
Putin on Iran and Germany's Merz
ST PETERSBURG, Russia - Russian President Vladimir Putin made the following comments to senior news agency editors on the conflict between Iran and Israel and on whether he would be willing to speak to German Chancellor Friedrich Merz. ASKED ABOUT ISRAELI REMARKS ABOUT POSSIBLE REGIME CHANGE IN IRAN: "You always need to look at whether the goal is achieved or not when starting something. We see that today in Iran, with all the complexity of the internal political processes taking place there, we are aware of this, and I think there is no point in going deeper, but nevertheless there is a consolidation of society around the country's political leadership. This happens almost always and everywhere, and Iran is no exception. This is the first thing. "The second thing that is very important is that everyone is talking about it, I will only repeat what we know and hear from all sides, these underground factories, they exist, nothing has happened to them. And in this regard, it seems to me that it would be right for everyone to look for ways to end hostilities and find ways for all parties to this conflict to come to an agreement with each other in order to ensure both Iran's interests, on the one hand, for its nuclear activities, including peaceful nuclear activities, of course (I mean peaceful nuclear energy and the peaceful atom in other areas), as well as to ensure the interests of Israel from the point of view of the unconditional security of the Jewish state. This is a delicate issue, and, of course, you need to be very careful here, but in my opinion, in general, such a solution can be found." ASKED IF HE WOULD BE WILLING TO SPEAK TO GERMANY'S MERZ: "If the Federal Chancellor wants to call and talk, I have already said this many times - we do not refuse any contacts. And we are always open to this... At some point, when our European partners decided to inflict a strategic defeat on us on the battlefield, they themselves stopped these contacts. They stopped, let them resume. We are open to them. "I do doubt if Germany can contribute more than the United States as a mediator in our negotiations with Ukraine. A mediator must be neutral. And when we see German tanks and Leopard (battle tanks) on the battlefield, and now we are looking at the fact that the Federal Republic is considering supplying Taurus (missiles) for attacks on Russian territory using not only the equipment itself, but also using Bundeswehr officers... Here, of course, big questions arise. It is well known that if this happens, it will not affect the course of hostilities, that is excluded. But it will spoil our relationship completely. "Therefore, today we consider the Federal Republic, just like many other European countries, not a neutral state, but as a party supporting Ukraine, and in some cases, perhaps, as accomplices in these hostilities. Nevertheless, if we are talking about a desire to talk about this topic, to present some ideas on this subject, I repeat once again, we are always ready for this." REUTERS Join ST's Telegram channel and get the latest breaking news delivered to you.
Straits Times
an hour ago
- Straits Times
US to resume student visa appointments but applicants are required to make social media accounts public
Under new guidance, consular officers will conduct a "comprehensive and thorough vetting" of all student and exchange visitor applicants. PHOTO: REUTERS US to resume student visa appointments but applicants are required to make social media accounts public WASHINGTON - The United States is directing its US diplomatic missions abroad to resume student visa applications, but is requiring applicants to make their social media profiles public for vetting purposes, a senior State Department official said on June 18. On May 27, the Trump administration ordered its missions abroad to stop scheduling new appointments for student and exchange visitor visa applicants as the State Department prepared to expand social media vetting of foreign students. US Secretary of State Marco Rubio had said updated guidance would be released once a review was completed. On June 18, a State Department official, speaking on the condition of anonymity, said under new guidance, consular officers will conduct a "comprehensive and thorough vetting" of all student and exchange visitor applicants. 'To facilitate this vetting, all applicants for F, M, and J nonimmigrant visas will be asked to adjust the privacy settings on all their social media profiles to 'public'. Posts may resume scheduling F, M, and J visa applications,' the official said. "The enhanced social media vetting will ensure we are properly screening every single person attempting to visit our country." Trump administration officials have said student visa and green-card holders are subject to deportation over their support for Palestinians and criticism of Israel's conduct in the war in Gaza, calling their actions a threat to US foreign policy and accusing them of being pro-Hamas. Mr Trump's critics have called the effort an attack on free speech rights under the First Amendment of the US Constitution. REUTERS Join ST's Telegram channel and get the latest breaking news delivered to you.
Straits Times
2 hours ago
- Straits Times
Colombia's Council of State suspends Petro's labor reform referendum
Colombia's President Gustavo Petro speaks during the rally for peace and democracy at San Francisco Square in Cali, Colombia June 11, 2025. REUTERS/Sebastian Marmolejo/File Photo BOGOTA - Colombia's Council of State on Wednesday suspended a decree by President Gustavo Petro that sought to call a referendum on a labor reform, citing lack of Senate authorization. The decree, which Petro issued last week, sparked criticism from political opposition, which labeled it a coup d'etat and an overt challenge to the nation's institutions and congress, which must authorize such measures. Colombia's Council of State is a high court that settles disputes between the state and private parties. On Tuesday, the Senate approved a revised version of the labor reform bill after extensive debate. The bill, which passed with 57 votes in favor and 31 against, includes provisions for an eight-hour daytime workday, higher weekend and holiday pay, and mandatory social security contributions from delivery app drivers. REUTERS Join ST's Telegram channel and get the latest breaking news delivered to you.
