“Howdy Joseph,” the July email I got from Zdravko Krivokapić, who was the Prime Minister of Montenegro until last year, read.
Obviously, this wasn’t actually Krivokapić emailing me. Instead, it was a hacker who had gained access to what seemed to be Krivokapić’s personal Gmail account. The hackers proceeded to send me a mass of alleged documents from the government of Montenegro, including some related to the country’s Ministry of Finance. Alongside those, the hacker also sent photos of cash, flashy watches, and weapons, which appear to be from the hacker’s own collection and not the former Prime Minister’s.
Beyond wanting to flex their access to Krivokapić’s account, the hacker said they might use the compromised email to then target other services, using the former Prime Minster’s identity as a cover. It’s unclear how successful that attempt may have been, but the brazenness of emailing a journalist from an official’s email account did highlight something gaining popularity in the digital underground. Hackers are compromising the email accounts of government and law enforcement officials, selling them on the open market, and in some cases using that access to trick social media giants and other legitimate companies to hand over their customers' data. Desired targets include TikTok, Discord, Snapchat, Facebook, and Instagram. The groups where these email accounts are often advertised include criminals who use personal information to target people for harassment, extortion, or physical violence.