From Fancy Bear to Malware Architect: The Evolution of Military Intelligence GRU

Military Intelligence GRU: From "Fancy Bear" to Malware Architect

The Russian cyber troop APT 28, also known as “Fancy Bear”, has a new commander, according to Ukrainian sources. The new commander is said to be Lieutenant Sergei Morgachev, about whom an entire collection of data has been published. Morgachev started his service in unit 26165 of the GRU military intelligence agency after completing his studies. He has now been appointed as a “first-class programming technician”, making him a kind of malware developer for the GRU in a managerial position.

Morgachev’s participation in cyber attacks did not first attract attention during the Ukraine war. His name appears in a 2018 US indictment relating to attacks on the Democratic Congressional Campaign Committee and the Democratic National Congress before the US presidential election in 2016. He was accused of developing malware called “X-Agent”, with which the networks of the Democratic Party were attacked. Morgachev was also on operational duty for the GRU in the first months of the 2022 Ukraine war, but he was given a new post in August 2022.

It is strange that a military intelligence officer trained in secrecy keeps such sensitive and telltale documents in his mailbox. However, their publication has already affected one of his presumed career goals, namely a highly paid post in an embassy of the Russian Federation.

The attack on the IT infrastructure of the German Bundestag in 2015 served less to obtain information than to demonstrate power. Like most attacks by cyber troops of the GRU, the attack became public immediately after the simultaneous activation of the previously smuggled malware on several computers across the IT department of the German Bundestag. Eventually, the Bundestag administration had to replace all of the hardware.

The released documents showed only that a majority of the Democratic establishment had favored Hillary Clinton during the US presidential election in 2016. Donald Trump’s election campaign brigade, supported by commentators from Fox and the global network of Russian state TV RT, made it the scandal of all scandals. WikiLeaks also played a less than creditable role in this production. Despite the paradox, Russian President Vladimir Putin wanted to prevent Hillary Clinton’s election as US President.
