Digital attacks on the World Anti-Doping Agency’s servers are likely the work of Russian state-sponsored hackers, according to security firm ThreatConnect.
The hacks may be a response to WADA’s ban of Russian athletes linked to state-sponsored doping from the Rio Olympic and Paralympic Games, the company said in a blog post Friday.
Domain names used in phishing attacks spoofing WADA accounts were registered using webmail providers and anonymous domain registration sites previously used by the Russian group nicknamed Fancy Bear, also linked to recent attacks on Democratic Party servers. The domains were registered around the time of the Russian ban announcement, according to ThreatConnect.
Since an email address and WADA login belonging to Yuliya Stepanova—a Russian athlete who exposed details of the country’s state-sponsored doping program—were also hacked, ThreatConnect researchers speculated the attacks may partially be an attempt to intimidate future whistleblowers.