As widely predicted, a huge trove of private documents was released to the public on Friday ahead of the French presidential elections at the weekend, in an apparent attempt to defame front-runner Emmanuel Macron.
The 9GB cache was uploaded to Pastebin and shared on 4Chan, as well as being publicized by various alt-right sites and Twitter accounts. However, experts voiced strong suspicions that the docs were edited prior to posting.
They purport to show that former finance minister Macron had secret bank accounts and was involved in other dodgy dealings.
France’s strict election laws led to the Election Commission releasing the following statement on Saturday:
"On the eve of the most important election for our institutions, the commission calls on everyone present on internet sites and social networks, primarily the media, but also all citizens, to show responsibility and not to pass on this content, so as not to distort the sincerity of the ballot."
No-one has claimed responsibility for the leaks, although it is widely believed that Russia-aligned hackers were to blame.
Macron’s campaign claimed the leaks were the result of “massive co-ordinated hacking”.
"The leaked files were obtained several weeks ago by hacking personal and professional email accounts of several officials of the movement,” it added in a statement seen by the BBC.
APT28 (aka Pawn Storm), the group widely linked to the hacking of the Democratic Party in the US, was spotted by Trend Micro registering phishing domains related to Macron’s En Marche! campaign last month.
It would certainly be in the interests of the Kremlin to destabilize Macron’s campaign, in favor of Putin supporter Marine Le Pen.
In the end the leak had no impact on the outcome of the election, which centrist candidate Macron won easily.
However, it places firmly into focus the fact that such attempts to influence democratic elections are now the “new normal”.
“The impression on the 4Chan boards, the so-called ‘armpit of the internet’, is that this is all a game. But the effects of repeated attacks against political parties is serious. It's unlikely those orchestrating these attacks would have the best interests of those happily spreading their output at heart,” argued AlienVault threat engineer Chris Doman.
“The French elections will be over Sunday, but it's unlikely these types of attacks will be. Related attacks targeting German political parties for the upcoming German elections have already been identified.”
In fact, Trend Micro has already observed new phishing domains registered by Pawn Storm related to two major German political organizations: the Konrad Adenauer Stiftung, associated with Angela Merkel’s CDU party, and the Friedrich Ebert Stiftung, associated with the SPD.