This Citizen Lab report describes an extensive Russia-linked phishing and disinformation campaign. It provides evidence of how documents stolen from a prominent journalist and critic of Russia was tampered with and then “leaked” to achieve specific propaganda aims. Citizen Lab researchers name this technique “tainted leaks.” The report illustrates how the twin strategies of phishing and tainted leaks are sometimes used in combination to infiltrate civil society targets, and to seed mistrust and disinformation. It also illustrates how domestic considerations, specifically concerns about regime security, can motivate espionage operations, particularly those targeting civil society.


Follow this research in the news:

Kremlin critics targeted in hacking attack (Financial Times) (paywall)
Russian spies may have backed email phishing campaign in effort to spread disinformation (CBC News)
Russian ‘Fancy Bear’ hackers tainted their huge leaks with fake data (Forbes)
Researchers say they’ve uncovered a disinformation campaign with apparent Russian link (Washington Post)
Q&A with Citizen Lab on “Tainted Leaks” and Russia’s disinformation campaign (Just Security)
Citizen Lab reveals cyber espionage, disinformation campaign with Russian connections (U of T News)