Germany orders an arrest of GRU hacker over attack on NATO


Nikolaj Kozachek, affiliated with Russia's state intelligence, is accused of penetrating the systems of a NATO think tank in Germany.

German authorities accused Kozachek, an officer in Russia's Main Intelligence Directorate of the General Staff (GRU), of hacking into Joint Air Power Competence Center, a NATO think tank in Germany.

Kozachek is also wanted by the FBI for his alleged role in interfering with the 2016 US Presidential elections. He and 11 other GRU officials are wanted for hacking the Democratic party and following DCLeaks, which arguably affected the outcome of the election.

ADVERTISEMENT

According to Spiegel, Kozachek, known online as 'blabla1234565' and 'kazak,' attacked the NATO think tank in April 2017 on behalf of his Russian employer. The accused hacker has installed keylogging malware on target computers. The hack led to hackers gaining access to NATO's internal information.

German authorities believe he is a member of a Russian state-sponsored hacking group Fancy Bear (APT28). The group is associated with GRU and has recently switched from malware-based spear-phishing to targeting cloud service providers.

Fancy Bear focused their attention on service providers such as Microsoft 365, Google's GSuite, as well as webmail providers that individuals usually use.

Kozachek and another Russian hacker Dmitri Badin are also wanted by the German authorities for their involvement in the 2015 Bundestag hack.

Fancy Bear has been active since at least 2005. The group's hackers gained notoriety following reports of the group's involvement in the DNC Hack of 2016 and a series of cyberattacks on Emmanuel Macron's campaign websites in the run-up to the 2017 French Presidential elections.

The group is also believed to be behind spying on strategic Czech institutions and attacks against Norway's parliament.

ADVERTISEMENT