View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
May 25, 2022updated 26 May 2022 9:30am

Emails of leading pro-Brexit figures leaked by Russian hackers alleging ‘deep state conspiracy’

Cybercrime gang Callisto says it has obtained messages from leading pro-Brexit figures.

By Claudia Glover

Leaked emails from several prominent pro-Brexit figures have been published on a website called “Very British Coop d’Etat.” The perpetrators are thought to be Russian state-sponsored cybercriminals.

Boris Johnson has been labelled a “sneaky strawhead” on a website that has allegedly published emails from leading pro-Brexit figures. (Photo by Frank Augstein-WPA Pool/Getty Images)

Emails allegedly from the accounts of former head of MI6 Richard Dearlove, ex-Labour MP and leading Brexit campaigner Baroness Stuart, and pro-Brexit historian Richard Tooms, among others, have been leaked on the site.

The site claims that the leaked messages show that a group of pro-Brexit figures is secretly controlling the United Kingdom, alleging that there was a ‘deep state’ plot to place Boris Johnson at the head of the UK government instead of Theresa May.

Emails purporting to be from Dearlove’s account on encrypted email service ProtonMail feature prominently on the site.

Brexit email leak: conspiracy or legitimate lobbying exercise?

Dearlove, who led MI6 between 1999 and 2004, told Reuters “I am well aware of a Russian operation against a Proton account which contained emails to and from me.” He told reporters that the emails demonstrate nothing sinister, and instead show a “legitimate lobbying exercise.” 

The campaign has been referred to as “clumsy” and “disinformation” by Shane Huntley, director of Google‘s Threat Analysis Group, who first spotted the site. Huntley questions the validity of the leaks as well as their sources: “As we take a breath, we note that this is a pretty clumsy campaign, and maybe based on just one hacked ProtonMail account,” he tweeted earlier today. 

The group behind the Brexit email leak is thought to be Russian cyber-espionage group Callisto, also known as COLDRIVER and Gamaredon. Earlier this year, Google’s Threat Analysis Group observed the group sending phishing emails to a NATO Centre of Excellence, as well as some US NGOs, a Ukrainian defence contractor and other targets in Eastern Europe.

Callisto working for the Russian government

Callisto has been particularly interested in military targets, and in November the Ukrainian Security Service revealed the real identities of five of the group’s members in retaliation for its behaviour. Security company Recorded Future notes that the gang probably “acted on orders from the [Russian] FSB Center for Information Security,” and that it was “one of the most active groups targeting Ukraine“.

There has been some speculation that the leaks were enacted in retaliation to Boris Johnson and the UK’s support of Ukraine during its war with Russia. Johnson, who has been banned from Russia, is referred to as a “puppet” and a “sneaky strawhead” on the site.

Read more: New technologies are making conflicts like the Ukraine war more deadly for civilians

Topics in this article : , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.