at least 15 computers belonging to members of Germany ’ s lower house of parliament , the Bundestag , and stealing dataAttack.Databreach. Germany ’ s Federal Office for the Protection of the Constitution ( BfV ) said the attackAttack.Databreachwas conducted by a group called Sofacy , which “ is being steered by the Russian state . '' BfV chief Hans-Georg Maassen told Reuters in November that Moscow has tried to manipulate the media and public opinion through various means , including planting false stories . One in 2015 by Russian media was about a German-Russian girl kidnapped and raped by migrants in Berlin . German Chancellor Angela Merkel said she could not rule out Russian interference in Germany 's 2017 federal election through Internet attacks and disinformation campaigns . The country 's Central Election Commission had been hacked during a referendum and local elections in 2015 that was almost certainly linked to Russia and a group that had hacked NATO headquarters in Brussels in 2013 , then-President Rosen Plevneliev told the BBC in November . `` The same organization that has attackedAttack.Databreachthe ( German Parliament ) — stealingAttack.Databreachall the emails of German members of Parliament — the same institution that has attackedAttack.DatabreachNATO headquarters , and that is the same even that has tried to influence American elections lately and so in a very high probability you could point east from us ” ( to Moscow ) , Plevneliev said . A pro-Russian political novice was elected in November to replace Plevneliev . The Vienna-based Organization for Security and Cooperation in Europe , whose tasks include monitoring elections across Europe and the conflict in eastern Ukraine , was attacked in “ a major information security incident ” in November , spokeswoman Mersiha Causevic Podzic said . The incident “ compromised the confidentiality ” of the organization ’ s IT networks , Podzic said . The French daily Le Monde , which first reported the incident , cited a Western intelligence agency attributing the attack to the Russia-linked group APT28 , aka Fancy Bear , and Sofacy . Russia , a member of the OSCE , has objected to the group ’ s criticism of Russian-backed forces battling the Ukrainian government in eastern Ukraine . Russian hackers posing as the “ Cyber Caliphate ” were suspected of attacking France ’ s TV5Monde television channel in 2014 , causing extensive damage to the company ’ s computer systems , FireEye , a cyber security firm that examined the attack , told BuzzFeed . The attack involved posting of Islamic State propaganda , but appeared to use the same servers and have other similarities with Russian-linked APT28 , the group that is a suspect in attacks on the Democratic National Committee , the OSCE and several other European countries . “ APT28 focuses on collecting intelligence that would be most useful to a government , ” FireEye said . “ Specifically , since at least 2007 , APT28 has been targeting privileged information related to governments , militaries and security organizations that would likely benefit the Russian government ” . The security chief of France 's ruling Socialist Party recently warned that the country 's presidential election this spring is at risk of being hacked . Hackers in 2014 attackedAttack.Databreachthe Warsaw Stock Exchange and at least 36 other Polish sites , stealing dataAttack.Databreachand posting graphic images from the Holocaust . The group that claimed responsibility , CyberBerkut , is the same Russian-linked group that attacked Ukrainian sites . The group , posing as Islamic radicals , stoleAttack.Databreachdata and releasedAttack.Databreachdozens of client log-in data , causing mayhem for the exchange , according to Bloomberg News . Dan Wallach , a computer scientist at Rice University who testified about election computer security on Capitol Hill in September , said definitive proof of who conducted an attack would reveal methods and sources who would be lost or killed if exposed . “ You ’ re never going to have definitive attribution , ” Wallach said in an interview . “ The proof is some crazy top secret thing and not for public dissemination ” .
In 2015 , the FBI shuttered malware marketplace Darkode , and then at the end of last year a small group of hackers launched their own eponymous copycat version . Almost immediately , however , other hackers attackedAttack.Databreachthat new site , and stoleAttack.Databreachuser account information . `` It 's a shit show on what happened , '' a Darkode staff member who used the handle Bullets told Motherboard . Hackers managed to stealAttack.Databreacha database of Darkode 's users , including usernames and hashed passwords . Paid breach notification site LeakBase provided Motherboard with a copy of the data . The database included this reporter 's Darkode account , used to briefly visit the site when it launched . The data also includes users ' email addresses and IP addresses ; something that might be particularly worrying if those who signed up were involved in any illegal activity—it probably does n't help to have an IP address linked to your identity floating around the internet . It 's fucked up , '' one of the hackers behind the breach , who used the moniker FuckInterpol , told Motherboard . `` Dear fake darkode wannabes , you 're [ sic ] forum has been owned , and your admins have terrible opsec , '' one message posted to the forum read . The hackers also deleted other threads on the site . Bullets , the staff member , claimed the hackers got in , at least in part , because he reused a password from another previously hacked site . `` The only reason I joined in the first place was just to see what the hell was actually going on . I used a common password I use when I signed up thinking nothing of it seeing I never thought I 'd stay on the site & if anyone got access to it , it would n't be a big deal , '' Bullets said