According to reports, Chancellor Merkel’s personal computer was in her office in the lower house of the German Parliament, when the attack was carried out. With over 20,000 infected computers, Chancellor Merkel’s was among the first discovered devices that contained the malware which functioned as a Trojan horse on every computer it infected.

The cyber-criminals’ vendetta

The same report goes on to claim that as soon as hackers’ had access to Chancellor Merkel’s personal computer, phishing emails were sent out from her own computer, to other Bundestag employees. The bait was set as an invitation to a conference from the Chancellor herself, to those who received the emails. Clicking and accepting such an invitation triggered the download of the malware infection, onto the unsuspecting victims’ computers.

These revelations follow last week’s significant news that an attack against the German Bundestag had:

Affected 20,000 computers in the network that’s serving the German Government.

At the time of reporting the hack, the malware was still communicating with the cyberattackers, feeding them with sensitive data.

The cost of repairing the network and replacing the affected computers is estimated to cost up to 7 million Euros.

According to Bild however, these claims were largely unfounded, with the newspaper claiming that malware was found on a total of 15 computers and data had been stolen from just five of the fifteen computers.

These claims by Bild were neither confirmed nor denied by a spokesperson for Chancellor Merkel’s Christian Democratic Union who refused to shed light into the matter.

Russian interests

Hans-Georg Maassen, the head and chief of the German domestic intelligence service told in a press conference that the attack is likely to have been carried out by a “foreign intelligence service”, according to Russian news outlet RT.

Being a lot more specific, a report from Der Spiegel quoted sources who were a part of the internal investigation, saying that a Russian Intelligence Agency was behind the cyberattack.

Past intrusions

In January, a group comprising of hackers with pro-Russian sensitivities called ‘CyberBerkut’ claimed responsibility for targeting Angela Merkel’s own website, while knowing it offline entirely. They did this to a number of other German government websites as a part of the same attack.

Winding the clock back even further, leaked documents by U.S. whistle-blower Edward Snowden claimed that the NSA (National Security Agency) had wire-tapped Chancellor Merkel’s phone. This led to a strained relationship in diplomacy between the two countries. However, on June 12, German officials said that the investigation looking into such claims was being dropped.