Macron emails posted online in ‘massive’ hacking operation
Trove of internal campaign documents posted online on ahead of election
French presidential candidate Emmanuel Macron has been the target of a “massive” computer hack just hours before voters go to the polls, his campaign team said.
As much as 9GB of data were posted on a profile called EMLEAKS to Pastebin, a site that allows anonymous document sharing. It was not immediately clear who was responsible for posting the data or if any of it was genuine.
In a statement, Mr Macron’s political movement En Marche (Onwards) confirmed that it had been hacked.
“The En Marche Movement has been the victim of a massive and co-ordinated hack this evening which has given rise to the diffusion on social media of various internal information,“ the statement said.
An interior ministry official declined to comment, citing French rules that forbid any commentary liable to influence an election, which took effect at midnight on Friday.
The presidential election commission said in statement that it would hold a meeting later on Saturday after Macron‘s campaign informed it about the hack.
It urged the media to be cautious about publishing details of the emails given that campaigning had ended, and publication could lead to criminal charges.
Comments about the email dump began to appear on Friday evening just hours before the official ban on campaigning began. The ban is due to stay in place until the last polling stations close on Sunday evening.
Opinion polls show independent centrist Mr Macron is set to beat National Front candidate Ms Le Pen. The latest surveys show him winning with about 62 percent of the vote.
Mr Macron’s campaign has previously complained about attempts to hack its emails, blaming Russian interests in part for the cyber attacks.
On April 26th, the team said it had been the target of attempts to steal email credentials dating back to January, but that the perpetrators had failed to compromise any campaign data.
The Kremlin has denied it was behind any such attacks, even though Macron‘s camp renewed complaints against Russian media and a hackers’ group operating in Ukraine.
Vitali Kremez, director of research with New York-based cyber intelligence firm Flashpoint, told Reuters his review indicates that APT 28, a group tied to the GRU, the Russian military intelligence directorate, was behind the leak. He cited similarities with US election hacks that have been previously attributed to that group.
APT28 last month registered decoy internet addresses to mimic the name of En Marche, which it likely used to send tainted emails to hack into the campaign’s computers, Mr Kremez said. Those domains include onedrive-en-marche.fr and mail-en-marche.fr.
“If indeed driven by Moscow, this leak appears to be a significant escalation over the previous Russian operations aimed at the US presidential election, expanding the approach and scope of effort from simple espionage efforts towards more direct attempts to sway the outcome,” Mr Kremez said.
On Friday night as the #Macronleaks hashtag buzzed around social media, Florian Philippot, deputy leader of the National Front, tweeted “Will Macronleaks teach us something that investigative journalism has deliberately killed?“
Macron spokesman Sylvain Fort, in a response on Twitter, called Mr Philippot‘s tweet “vile“.
En Marche said the documents only showed the normal functioning of a presidential campaign, but that authentic documents had been mixed on social media with fake ones to sow “doubt and misinformation”.
The leaks emerged on 4chan, a discussion forum popular with far right activists in the US. An anonymous poster provided links to the documents on Pastebin, saying, “This was passed on to me today so now I am giving it to you, the people.“