If you're just catching up, Fancy Bear was outed this past week and those Ukrainian hackers are going to cause a lot of legal problems for their supporters in the US if journalists remember their job is to protect the public as a 4th estate. If they don't, we'll get there without them.
In the end, you could say Fancy Bear was caught because they confessed to every step involved that identified them and by disseminating evidence further incriminated themselves. They confessed and RUH8 took credit everywhere they could including RFE/RL. The Australian Sunday Morning Herald noted Fancy Bear looked like a Ukrainian adventure.
In Information Operations (IO) the second you take credit for it, "it" stops working. Eventually, most often sooner than later, someone is going to notice. So, a good rule of thumb for those aspiring to be the Doctor Evil of the hacking and the IO world is to remember: loose lips sink ships. And to the chagrin of hacking masters everywhere, physics governs sinking ships.
Common knowledge tells us Fancy Bear is Russian FSB and GRU. You know that. Everyone knows that. My response is Fancy Bear was rogue Russian FSB and GRU Intel to the degree you count Shaltai Boltai (Humpty Dumpty) as part of the group CyberHunta along with the Ukrainian DNC and RNC hackers RUH8, Trinity, and Falcons Flame.
These hackers work with InformNapalm, EuroMaidanPress, the US and Canadian Ukrainian Diasporas, StopFake, the Atlantic Council, Michael D. Weiss and InterpreterMag, NATO COE Latvia, and you are starting to get the picture aren't you?
What does Eliot Higgins have to say about it? Does he know the Ukrainian hackers he and Bellingcat work with are Fancy Bear? If the Atlantic Council hackers are Fancy Bear will it ruin Ukraine, Higgins, and the Atlantic Council because they provide the Intel? The following Twitter string was in reaction to the Fancy Bear expose article I just published.
All stop. Game over.
No one will care Fancy Bear is the Ukrainian hackers who changed the geopolitical landscape of East-West relations in 2016. Or that these hackers work with and for Higgins, Bellingcat, and the Atlantic Council.
"So the help of the USA" I don't know, why would we need it? We have all the talent and special means for this. And I don't think that the USA or any NATO country would make such sharp movements in international politics." We have no Need of CIA Help Ukrainian Hackers of #Surkov Leaks
No one will care the Ukrainian Fancy Bear hackers testimony for the US Senate generates tons of graft money to steal for the failing state of Ukraine. Why put em' in jail when you can give them tax dollars instead?
"1. Alexander Usovsky, a Belarusian living in Poland, received more than 100,000 US dollars from Russia in order to finance anti-Ukrainian nationalist groups in Poland and to set Poles against Ukrainians. Usovsky's correspondence with the Russian MP and director of the Institute of CIS countries, Konstantin Zatulin, who provided this funding, was revealed by the Ukrainian groups CyberHunta and Cyber Alliance. Usovsky coordinated his anti-Ukrainian actions with..."- Statement of Mustafa Nayyem and Svitlana Zalishchuk Members of the Parliament of Ukraine before the Subcommittee on Department of State, Foreign Operations, and Related Programs of the Senate Committee on Appropriations March 29, 2017
No one will care Ukrainian Fancy Bear hackers are strictly political operatives working for Ukrainian Intel provided a lion's share of information about MH17 and interfered with the 2016 US presidential election on behalf of Petr Poroshenko to throw a lot of dirt in the air.
"Sednit -- also known as APT28, Fancy Bear, and Sofacy -- has been operating since 2004. The cyber-mob has reportedly infiltrated machines operated by targets as diverse as the DNC, the German parliament, Hillary Clinton's presidential campaign boss John Podesta, former US Secretary of State Colin Powell, and the French TV network TV5Monde."- US DNC hackers blew through SIXzero-days vulns last year alone Most targets were individuals with Gmail addresses