Ukrainian hackers say they have compromised Russian spy who hacked Democrats in 2016

By Raphael Satter

WASHINGTON (Reuters) – Ukrainian hackers claim to have broken into the emails of a senior Russian military spy wanted by the Federal Bureau of Investigation for hacking the Hillary Clinton campaign and other senior U.S. Democrats ahead of Donald Trump’s election to the presidency in 2016.

In a message posted to Telegram on Monday, a group calling itself Cyber Resistance said it had stolen correspondence from Lt. Col. Sergey Morgachev, who was charged in 2018 with helping organize the hack and leak of emails from the Democratic National Committee (DNC) and the Clinton campaign.

Reuters was not immediately able to fully corroborate the claim, but some of Morgachev’s purported personal information – which the hackers shared with the Ukrainian publication InformNapalm – lines up with previously leaked data preserved by the cybersecurity research platform Constella Intelligence.

Stefan Soesanto, a researcher at the Swiss Federal Institute of Technology in Zurich who has studied Ukrainian hacking groups, said the leak “looks pretty credible,” noting that InformNapalm had a history of cross-checking the data it received from hackers.

InformNapalm said in an article about the breach that it had confirmed Morgachev’s identity by poring through personnel files and a curriculum vitae stolen by the hackers, including one document that identified him as a department head in Unit 26165 – the same position which the FBI accused him of holding in 2018.

Repeated messages left at email addresses and a telephone number purporting to belong to Morgachev went unreturned, and attempts by Reuters to reach him via social media and his current place of employment – said to be the sanctioned Saint Petersburg-based Special Technology Center – were not immediately successful. The Russian Embassy in Washington did not immediately return messages; neither did the FBI.

It wasn’t immediately clear what information the hackers had managed to steal or how significant it was. Morgachev’s inbox could potentially hold insight into Russia’s hacking operations, including the operation against Clinton and the Democrats.

In its indictment, the FBI described him as an officer in the Russia’s military spy agency, still known by its old acronym, GRU. It said his department was “dedicated to developing and managing malware,” including the “X-Agent” spy software used to hack the DNC.

Reuters could not immediately locate contact information for the Cyber Resistance group – one of several Ukrainian hacker gangs that have gained international visibility since Moscow’s full-scale invasion of Ukraine last year.

In its message announcing the theft, the group said of Morgachev: “A very cool and clever hacker, but … We hacked him.”

(Reporting by Raphael Satter; Editing by Hugh Lawson)