Russian hackers instructed by the country’s military intelligence unit have targeted and successfully hacked into subsidiaries of Ukrainian gas company Burisma Holdings, the New York Times reports.
The son of former U.S. Vice President Joe Biden’s son has served on the board of the Cyprus-based company, which is owned by Ukrainian former politician and businessman Mykola Zlochevsky.
Hackers from the military intelligence (GRU) and Kremlin-linked group “Fancy Bear” targeted a number of Ukrainian companies starting in November in a phishing campaign, which would collect the usernames and passwords of employees to breach the system, the New York Times writes.
A Silicon Valley security firm who detected the hack told the newspaper they determined all the companies targeted were subsidiaries of Burisma. One of the companies targeted, Ukrainian television production company Kvartal 95, was founded by Ukrainian President Volodymyr Zelensky.
The phishing email seemed to reportedly target correspondence of the Kvartal 95’s head, Ivan Bakanov—who was later appointed head of Ukraine’s Security Service. President Trump’s impeachment inquiry was sparked after a whistle-blower raised concerns about a call Trump had with Zelensky, where he pushed for the country to investigate the Bidens.
Trump’s interest in the company spiked after he learned that Hunter Biden, the son of former Vice President Joe Biden, served on the board of Burisma until earlier this year. Since then, the U.S. president has leveled unfounded allegations of corruption against the Bidens related to Hunter Biden’s work for Burisma.
The Times reported that it’s still unclear what the Russian hackers uncovered or what they were looking for. But security experts told the outlet that the timing and scale of the cyberattacks suggest Russian intelligence agents may be digging around for dirt on the Bidens, which is something Trump asked the Ukrainian government, as well as his personal lawyer Rudy Giuliani and several others to obtain ahead of the 2020 election.
Targeting Burisma was seemingly part of a broader hacking effort, as the Times reported Friday that there have been approximately 1,000 phishing attempts against each leading Democratic candidate within the past two months alone, according to cybersecurity firm Area1.