Researchers at Trend Micro said that the hacking group, dubbed Pawn Storm, appears to be behind attempts to steal personal and corporate data of the CDU and high-profile individuals at two popular free email services.
A year ago, Pawn Storm was linked by the same research group to attacks which compromised computers in the Bundestag lower house of parliament.
The latest attacks consisted of seemingly coordinated credential phishing attacks against the CDU and other high profile users via computer services based in Latvia and the Netherlands, Trend Micro said in a blog post.
At the CDU headquarters in Berlin, a source told Reuters that the party was looking into the report.
Pawn Storm has been active for more than a decade and is considered one of the longest lasting cyber-espionage groups.
Several major computer research groups say it has targeted opposition groups in Russia, as well as governments in adjacent Eastern European countries, Turkey, the United States and NATO.
It has also hit armed forces, defense companies and media in those countries, Trend Micro said.
"Pawn Storm clearly targets groups that could be perceived as a risk to Russian politics and interests," Trend Micro said.
The cyber-attack on the German parliament was first reported in May 2015. German media have said replacing the computer system could cost the government millions of euros.
Der Spiegel news magazine also quoted from an internal investigation saying there were indications that a Russian intelligence agency had staged the attack.
In January 2015, German government websites, including Merkel's website, were hacked in an attack claimed by a group demanding Berlin end support for the Ukrainian government.
© Thomson Reuters 2016