On October 8, experts from the cybersecurity company Group-IB reported that the criminals on September 2 really hacked The Bell website and sent a newsletter on behalf of the publication.
The Group-IB Computer Forensics and Malware Research Laboratory found out that on the evening of August 29, hackers began sending requests in an attempt to exploit a vulnerability that allows remote code execution. The next day, the program for checking for a number of web application vulnerabilities Burp Suite started to scan the website.
On August 30, the attackers gained access to the administrative panel of the publication's website. This allowed hackers to send a fake newsletter on September 2.
On the morning of September 2, the editorial board of The Bell reported the hacking of the email account, before that subscribers received a newsletter calling for a boycott of the elections to the Duma of Russia and to go on pickets on election day. The text of the letter and the design were stylized for the daily newsletter of the publication.
The general director of the publication Elizaveta Ossetinskaya called the newsletter a provocation, “the purpose of which is to accuse us of political activity, which we have not engaged in, are not engaged in and were not going to engage in.”
In addition, earlier, it was reported that unknown people tried to hack the phone of The Bell journalist Irina Pankratova. They ordered the details of her calls and SMS messages using a fake notarial power of attorney in the office of MegaFon.
It is worth noting that Group-IB cooperates with Interpol, Europol and the OSCE. The organization provides assistance to Russian special services and law enforcement agencies in operations against hacker groups.
Earlier, CySecurity News reported that on September 29, the head of Group-IB Ilya Sachkov was arrested for two months. The Investigative Committee charged him with high treason.