Mr. Mahjoubi refused to reveal the nature of the false documents
that were created, or to say whether, in the Friday document dump that was the result of the hacking campaign, there were false documents created by the Macron campaign.
“By the quantity of the documents we put in,” he added, “and documents that might interest them.”
With only 18 people in the digital team, many of them occupied in producing campaign materials
like videos, Mr. Mahjoubi hardly had the resources to track down the hackers.
“If this was APT28,” he said, using the name for a Russian group believed to be linked to the GRU,
a military intelligence agency, “they have been caught in the act, and it has backfired for them.”
Now, he said, the failure of the Macron hacks could just push Russian hackers to improve their methods
But he did note that in the mishmash that constituted the Friday dump, there were some authentic documents, some phony documents
of the hackers’ own manufacture, some stolen documents from various companies, and some false emails created by the campaign.
Other documents had last been modified by Russian usernames, including one person
that researchers identified as a 32-year-old employee of Eureka CJSC, based in Moscow, a Russian technology company that works closely with the Russian Ministry of Defense and intelligence agencies.
“We couldn’t guarantee 100 percent protection” from the attacks, “so we asked: what can we do?” Mr. Mahjoubi opted for a classic “cyber-blurring” strategy, well known to banks
and corporations, creating false email accounts and filled them with phony documents the way a bank teller keeps fake bills in the cash drawer in case of a robbery.