The hackers responsible for breaching the Democratic National Committee’s (DNC) servers maintained a hit list of other potential targets that included a number of people and organizations that are considered in opposition to Russian President Vladimir Putin, the Associated Press reported.

As a part of an exhaustive report that included a review of more than 4,7000 Gmail accounts targeted by Fancy Bear, the hackers behind the DNC breach, the Associated Press and security researchers seem to have tied the attack that disrupted the 2016 United States presidential election to the Kremlin.

According to research from cybersecurity firm Secureworks, Fancy Bear targeted more than 575 Gmail accounts in the U.S. as part of a more than year-long campaign to compromise political targets. Those accounts included State and intelligence officials, military officers, defense contractors and political figures including then-Secretary of State John Kerry and former Secretary of State Colin Powell.

The list of targets included more than 130 members of the Democratic Party and campaign staffers, including political advisors serving on the campaign of Democratic Party presidential nominee Hillary Clinton. Few Republicans were subjected to the attack.

The Associated Press also found at least 545 Gmail accounts belonging to Ukrainians that were targeted by Fancy Bear, including the nation’s president Petro Poroshenko and his son. A number of former and current ministers and lawmakers were also attacked.

Ukrainian journalist and politician Serhiy Leshchenko was also specifically targeted by Fancy Bear. Leshchenko headed up an investigation into the millions of dollars allegedly paid by a pro-Russian Ukrainian political party to Paul Manafort, who would later go on to become the campaign chairman for then-presidential candidate Donald Trump.

Manafort was recently the subject of a grand jury indictment brought by Special Counsel Robert Mueller that charged Manafort with “conspiracy to launder money” and “failure to file reports of foreign bank and financial accounts.”

Within Russia, the targets of the hacking group were almost exclusively enemies of Vladimir Putin. The targets within the nation including investigative journalists and media figures who have been critical of Putin’s administration. A number of activists, including Maria Alyokhina of the Russian punk rock band Pussy Riot, were also on the list.

The apparent “hit list” of targets that Fancy Bear would like to hack was assembled obtained by Secureworks, which has been tracking the Russian-government linked hacking group for more than two years, after the group slipped up in attempting to cover their tracks.

Fancy Bear typically used multiple accounts for the URL shortener service Bit.ly to hide the true destination of a link, rerouting a person across several disguised URLs before landing on a malicious site. At some point, the group forgot to activate the privacy settings on the Bit.ly accounts, which allowed the security researchers to tie those accounts to the hacking group.

Once Secureworks was able to tie the Bit.ly accounts to Fancy Bear, the researchers were able to track the links and determine who the hackers were targeting. In total, the group created more than 19,000 malicious links that were sent to 4,700 different targets.

RELATED STORIES
Security Russia Hillary Clinton Donald trump