🚨NEW REPORT: exposing a new hacking tactic. 🇷🇺Russian state-backed hackers used an App-Specific Password attack against prominent Russia expert @KeirGiles & others. It's like they know what we all expect from them...and then did the opposite 1/ By us @citizenlab & @google's GTIG
2/ Let's begin: @KeirGiles gets a message purporting to be from @StateDept asking for a consultation. The attackers send the message from a @gmail, but CC'd a bunch of email addresses @ . Strong credibility signal to have a bunch of gov ppl on the CC line right? Well, what the attackers were counting on is that the State Dept mailserver just accepts all email addresses without emitting a bounce. So they seem to have just created some fake State Dept staff names and addresses.
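A triage check for the pattern described in 2/, as an added example that is not part of the original thread or the report: it flags a message sent from free webmail whose CC line carries addresses on an organization's domain that the recipient has never corresponded with. The domain `agency.example`, the `known_contacts` set, the webmail list and the sample message are all constructed assumptions.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Assumption: a starter list of free webmail domains; extend it locally.
FREE_WEBMAIL = {"gmail.com", "outlook.com", "yahoo.com"}

def _domain(addr):
    return addr.rpartition("@")[2].lower()

def _in_org(addr, org_domains):
    d = _domain(addr)
    return any(d == o or d.endswith("." + o) for o in org_domains)

def triage_cc_credibility(raw, org_domains, known_contacts):
    """Flag mail whose CC line borrows credibility from org_domains.

    A CC'd address proves nothing: if the organization's mail server accepts
    every recipient without bouncing, invented addresses look identical to
    real ones. Only addresses already seen in prior mail count as known.
    """
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    cc = [a.lower() for _, a in getaddresses(msg.get_all("Cc", [])) if "@" in a]
    org_cc = [a for a in cc if _in_org(a, org_domains)]
    unknown = [a for a in org_cc if a not in known_contacts]
    flags = []
    if _domain(sender) in FREE_WEBMAIL and org_cc:
        flags.append("webmail-sender-with-org-cc")
    if org_cc and len(unknown) == len(org_cc):
        flags.append("no-cc-address-previously-seen")
    return {"sender": sender, "org_cc": org_cc,
            "unknown_org_cc": unknown, "flags": flags}

# Constructed sample message (not taken from the report).
SAMPLE = """\
From: "Jane Doe" <jane.doe.consult@gmail.com>
To: analyst@thinktank.example
Cc: a.smith@agency.example, b.jones@agency.example, c.lee@agency.example
Subject: Request for consultation

We would like to schedule a consultation.
"""

if __name__ == "__main__":
    print(triage_cc_credibility(SAMPLE, {"agency.example"}, set()))
```

Both flags together are a prompt to confirm the sender through a channel you already trust, not a verdict on their own.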