On Nov. 14, the documents say, dozens of DNC email addresses were on the receiving end of a spearphishing campaign by one of two Russian organizations believed to be responsible for hacking into the committee’s computers during the 2016 presidential election. There is no evidence that the most recent attack was successful.
The documents, filed in federal court in New York, were part of an amended complaint in a lawsuit filed in April that claimed the committee was the victim of a conspiracy by Russian intelligence agents, President Donald Trump’s 2016 campaign and WikiLeaks to damage Hillary Clinton’s presidential run.
The new court filings say the time stamps and contents of the spearphishing emails received in November were consistent with separate cyberattacks around the same time tied to the Russian hacking group known as Cozy Bear, one of the two Russian groups suspected of breaching DNC computers in 2016.
Security researchers believe the hacking attempt against the DNC in November was part of a broader campaign that used decoy emails that appeared to come from the State Department.
That campaign had more than a dozen targets, according to a report by cybersecurity firm FireEye. Researchers believe the goal was to ferret out U.S. foreign policy, particularly on issues related to Africa; Democratic policy positions; and the platforms of 2020 Democratic presidential hopefuls.
FireEye said the attempted hacking of the DNC in November resembled other recent attacks attributed to Cozy Bear, including its “deliberate reuse” of old phishing tactics and reliance on a similar list of victims. But there were a few new wrinkles, including new decoy email addresses and different obfuscation techniques.
The hackers sent some targets of the broader campaign three phishing emails at most. In other instances, they were more aggressive, sending as many as 136 emails to a single organization. In some cases, the malware-laced emails were successful. And once they gained access to a computer network, it was only a matter of hours before they were deploying stealthier hacking tools.
This article originally appeared in The New York Times.