Hackers working for the Belarusian Ministry of Defense have sent a “mass” of phishing emails trying to compromise the private email accounts of Ukrainian military personnel and their associates, Ukrainian officials alleged Friday.
It wasn’t immediately clear how successful the hacking attempts have been, but they could provide useful information to Belarusian intelligence services, and in turn Russian forces as they bear down on the Ukrainian capital of Kyiv.
After breaching an email account, the hackers send additional malicious emails to the account’s contacts to propagate the hacking campaign, the Ukrainian government’s Computer Emergency Response Team said in a Facebook post.
Victor Zhora, a senior cybersecurity official at the State Service of Special Communications and Information Protection of Ukraine, told CNN that the aim of exposing the phishing campaign was to “prevent [it from having] a bigger impact.” Zhora said officials don’t know how successful the hacks have been yet.
CNN has reached out to the Belarus’ Ministry of Defense for comment.
Belarus has played a key role in the Russian invasion of Ukraine. Russian forces crossed the Belarus-Ukraine border with support from Belarus, according to Ukrainian officials. The Biden administration has sanctioned nine Belarusian defense firms for their support of the invasion.
The alleged Belarusian hacking group has had a long history of hack-and-leak operations targeting NATO members. An information operations group linked with the hackers planted a fake letter on the website of a Polish military academy that purported to denounce the presence of US troops in Poland, according to cybersecurity analysts.
In November, US cybersecurity firm Mandiant linked the hacking group to the Belarusian government with “high confidence,” adding that the group has supported information operations in Ukraine, Lithuania, Latvia, Poland and Germany.