Report: Russian Hackers Phished The DNC And Clinton Campaign Using Fake Gmail Forms (buzzfeed.com)
Citing a report from SecureWorks, BuzzFeed is reporting that Russian hackers "used emails disguised to look as Gmail security updates to hack into the computers of the Democratic National Committee and members of Hillary Clinton's top campaign staff":
The emails were sent to 108 members of Democratic presidential nominee Hillary Clinton's campaign and 20 people clicked on them, at least four people clicking more than once, Secureworks' research found. The emails were sent to another 16 people from the DNC and four people clicked on them, the report said.
Researchers found the emails by tracing the malicious URLs set up by [state-sponsored hacking group] Fancy Bear using Bitly, a link shortening service... "We were monitoring bit.ly and saw the accounts being created in real time," said Phil Burdette, a senior security researcher at SecureWorks, explaining how they stumbled upon the URLs set up by Fancy Bear.
The URL apparently resolved to accounts-google.com (rather than accounts.google.com), and Burdette says "They did a great job with capturing the look and feel of Google."
It had to be the Russians because she has done nothing to kill members of our intelligence community that may have taken some offense and are smart enough to know "false flag"
Education and training is always the weakest link. I think such a targeted phishing expedition would have similar success against the vast majority of organizations today, unfortunately.
Using bit.ly. Oh the IRONY that the .ly TLD could somehow be involved in taking down Hillary Clinton.
Seven puppies were harmed during the making of this post.
This is not click, this is prick! Call it that and make dicks think twice before PRICKING on a link!
A few points on this alleged story:
1. The Clinton campaign desperately trying to distract attention away from Hillary's fundamental dishonesty.
2. Maybe the story is true, and the Clinton campaign hires people with the security acumen of a burned-out toaster.
3. Buzzfeed? Really?
4. Maybe they figure if they keep yelling "Trump is a Putin pawn!" enough we'll ignore the fact that Podesta is a registered lobbyist for Putin's bank.
There's one candidate in this race who has a proven record of taking money for favors from Russian sources, and it isn't Trump.
Lawrence Person (lawrencepersonh@gmailh.com (remove all "h"s to mail)
http://www.lawrenceperson.com/
Frankly I'm surprised we don't see this technique used more often.
#DeleteChrome
http://projects.fivethirtyeigh...
You are welcome on my lawn.
Notice the disinformation? the misdirection from many outlets designed to have you worrying about whether the Russians did or did not hack the DNC and Clinton emails. This is so you focus on that rather than on the contents of the emails - which are extremely shocking in their levels of Machiavellian dealing, corruption, subversion of democratic processes and explicit contempt for the average American citizen and their vote.
It is time to withdraw Hillary as a candidate. The American people deserve better than her (or Trump). If Hillary is elected it is clear she'll be impeached in record time as the only people who like her are misogynistic dictators and theocrats who like people who accept naked bribes to sell out the American citizens.
The Democrats used to have some amazingly promising candidates, surely they can muster some now ?
I'm still not sure how this points to the Russians... How do we not know that it isn't some dude sitting on the beach in Tahiti and bouncing it off a server or VPN in Russia? How do we know it isn't the Chinese doing the same thing? How about a disgruntled Lithuanian? Most anybody can look like they are from anywhere. In fact, on virtually any TV show where hacking is involved, they always talk about it not being traceable because it is "bouncing all over the world" so it isn't like the Evil Lithuanians / Chinese / Icelanders / Argentinians / etc. hackers can't figure out how to use a few VPNs or hacked machines to do their job.
The most amusing bit about the democrats response isn't the fact they aren't screaming "LIES!" It's the fact that they are pointing at Russia and yelling "Those dicks did that!"
My guess is that if the defense is true - she pissed them off with the reset button!
http://www.theblaze.com/storie...
Or not.
According to that she was in bed with Putin.
that does ignore this book
http://www.penguinrandomhouse....
Which tells where the "reset button" was swiped from.
It amazes me that people forget that Hillary reset relations and simultaneously screams about hacking. Was she a complete failure back then? Or is she lying now?
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
That's not "using fake emails to hack into the computers of the Democratic National Committee" That's "using hack emails to trick gullible staff members".
Without gullible staff members the computers would have been secure.
It's kind of scary that the people who want to be elected to run the branch of government that is in charge of implementing cyber security are such a bunch of damn clueless morons about it.
I mean there are high schoolers who would do better securing and safeguarding their emails than this crew...
Heh, who's the JV team?
From the article:
"researchers assess with moderate confidence that the group is operating from the Russian Federation and is gathering intelligence on behalf of the Russian government"
I know it fits the playbook to simply call them "Russian Hackers" but hey, maybe...journalism instead?
-Styopa
http://fivethirtyeight.com/fea...
From that fivethirtyeight article some months ago:
So, how do I wind up with that 2 percent estimate of Trump’s nomination chances? It’s what you get if you assume he has a 50 percent chance of surviving each subsequent stage of the gantlet. Tonight’s debate could prove to be the beginning of the end for Trump, or he could remain a factor for months to come. But he’s almost certainly doomed, sooner or later.
People have to remember that Nate Silver is using statistics based on assumptions, and those assumptions may or may not be valid.
The particular assumption in the link you quoted, is that his chances will not change in the next two weeks.
Let's see what tomorrow may bring, shall we?
It is certainly best for Clinton's campaign to fix blame on "the Russians". It would be better for Trump's campaign if he could blame China. Ergo if the Russians actually did it they would have false flagged China. That is if Russia cares.
You think Clinton's campaign is feeling desperate? Vegas is paying out 6-1 on Trump presidency, but you know better, don't you?
What will their odds be in 3 weeks?
That would be the odds of note.
Crack Whore Hillary rigging the election again. It's clear, one-state one-vote! Crooked Hillary's met Putin! Trump has never met Putin! He's never received gifts from Putin, never praised Putin, never even been to Russia.
He's never even met a Russian person in his life. Not one Russian, ever!
So if anyone got these state sponsored hackers to hack the DNC, it must be Hillary or the Left Wing Media! To distract attention away from her crack problem, which is real BTW, if only the crooked and crooked Paul Ryan would investigate.
If they weren't using at work (reading/sending) a public email service (which they were doing to skirt the "Freedom of Information Act" or other laws) and followed security procedures using a secure email address they were given, their dirty laundry would never have been in the media. What pisses me off to the core is that I would get fired, no questions asked, for skirting security practices at all of the employers I have worked for. Of course politicians just get "oh well, it's not that big of a deal", or they act like they are completely and utterly stupid about the situation.
The left-leaning Buzzfeed staff needs to stick to what they do best.....making videos about Britons eating American snacks.
Have you ever fallen asleep at the keybhanusdiog?
Trump wins the election but the results are nixed due to "meddling" by Russia.
From Russia with love.
..idiot
It's pronounced Gina. Gi-na.
Explaining virtually every spear phishing plan ever run on people for the last 20 years proves nothing. Who-is data for the domain they claim responsible is registered in France, not Russia. Registered to one "sacko.fatou17@yahoo.fr". Domain created 22FEB2012 and expires on 22FEB17. I'll paste more below just in case, but neither the name or the address of the registrant relate to Russia. Fatou is an older family name in France. You want to convince me it's Russian they need to do better than common knowledge. They make it sound like copying a Google page is hard, when in fact it's as simple as "save-as" and downloading a couple of pictures from the same source.
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
As long as they were using Gmail in the first place, enabling 2 factor authentication, with the second factor being a U2F key like an inexpensive Yubikey, would have gone a ling ways towards preventing this,
Kythe
love how my headline gets cut off.
Anywhoo, "Russian hackers phish everyone, some idiots in the DNC and Clinton campaign fall for it."
and have never had any security proble...Slashdot is decadent. Comrade, why not visit sunny Moscow and rub lucky chest of King Putin?
Anyone else have a problem with the phrase "We were monitoring bit.ly and saw the accounts being created in real time."?
Why was Accounts-google.com registered to Google Inc, 1600 Amphitheatre Parkway at least as far back as 2013? http://www.domainhistory.net/a... and via MarkMonitor https://www.markmonitor.com/ which "protects the leading brands". YAN has been laughing about this all day. Didn't anyone bother to check any of this??
--hongpong.com
There's a big difference between "some hackers in Russia" and "Russian government hackers".
Think the press will make that distinction? LOL.
It's pronounced Zhongguo, actually.
Il n'y a pas de Planet B.
I hope all Americans realize that the rest of the world is dumbfounded that Clinton and Trump are supposedly the best candidates for the presidency of your great nation.
Surely not.
You are all lost!
The Judenpresse in full swing.
Saw the accounts being created?
Do tell us more.
Do these security researchers have access to some sort of API from bitly that exposes new account details? Did bitly let them into their servers to watch?
The real american patriots!
Is this before or after they want preplan the crash of the criminally run financial system?
Got Geometrodynamics? Awe, too hard to figure out? Too bad.
Only trouble is... Secureworks doesn't say they spoofed using Accounts-Google.com, someone else claimed that. Secureworks say it was a man in the middle attack using a fake domain.
"Between October 2015 and May 2016, CTU researchers analyzed 8,909 Bitly links that targeted 3,907 individual Gmail accounts and corporate and organizational email accounts that use Gmail as a service. In March 2016, CTU researchers identified a spearphishing campaign using Bitly accounts to shorten malicious URLs. .....The short links in the spearphishing emails redirected victims to a TG-4127-controlled URL that spoofed a legitimate Google domain. A Base64-encoded string containing the victim's full email address is passed with this URL, prepopulating a fake Google login page displayed to the victim."
[i.e. they sent them to a page that looked like a Google page]
"The Hillary for America presidential campaign owns the hillaryclinton.com domain, which is used for the campaign website (www.hillaryclinton.com) and for email addresses used by campaign staff. An examination of the hillaryclinton.com DNS records shows that the domain's MX records, which indicate the mail server used by the domain, point to aspmx.l.google.com, the mail server used by Google Apps. Google Apps allows organizations to use Gmail as their organizational mail solution."
[i.e. the staff were using Google, so the attacker knew they would expect a Google prompt for email login]
"TG-4127 exploited the Hillary for America campaign's use of Gmail and leveraged campaign employees' expectation of the standard Gmail login page to access their email account. When presented with TG-4127's spoofed login page (see Figure 1), victims might be convinced it was the legitimate login page for their hillaryclinton.com email account."
So they logged into a screen that looked exactly like a Google screen, but was a man-in-the-middle attack. In the process they handed over the password and login details for their Gmail account. Two part authentication and forced encryption everywhere is needed.
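A defender-side check for the pattern quoted from the SecureWorks report above (a look-alike Google host plus a Base64-encoded e-mail address passed in the URL), which is also the kind of check the summary's accounts-google.com versus accounts.google.com difference calls for. This is an added example, not code from the post, the report or SecureWorks; the sample hosts under `.example`, the parameter names and the address `jane.doe@example.org` are constructed, and treating only `google.com` as genuine is an assumption.

```python
import base64
import binascii
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption for this example: the only registrable domain treated as genuine.
GENUINE_DOMAINS = ("google.com",)
BRAND = "google"
EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def classify_host(host):
    """Return 'genuine', 'lookalike' (brand in name, wrong domain) or 'other'."""
    host = (host or "").lower().rstrip(".")
    if any(host == d or host.endswith("." + d) for d in GENUINE_DOMAINS):
        return "genuine"
    return "lookalike" if BRAND in host else "other"


def decode_b64_email(value):
    """Return the address if value is Base64 (standard or URL-safe) of an e-mail."""
    padded = value + "=" * (-len(value) % 4)  # senders often strip '=' padding
    try:
        raw = base64.b64decode(padded, altchars=b"-_", validate=True)
        text = raw.decode("ascii")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None
    return text if EMAIL_RE.match(text) else None


def analyze_url(url):
    """Inspect an already-expanded URL (the short link's final destination)."""
    parts = urlsplit(url)
    emails = []
    for _name, value in parse_qsl(parts.query):
        # parse_qsl turns '+' into a space; restore it before decoding.
        email = decode_b64_email(value.replace(" ", "+"))
        if email:
            emails.append(email)
    host_class = classify_host(parts.hostname)
    if host_class == "genuine":
        severity = "none"
    elif host_class == "lookalike":
        severity = "high" if emails else "medium"
    else:
        severity = "low" if emails else "none"
    return {"host": parts.hostname, "host_class": host_class,
            "prefilled_emails": emails, "severity": severity}


def sample_token(email):
    """Build a constructed test token: URL-safe Base64 without padding."""
    return base64.urlsafe_b64encode(email.encode("ascii")).decode().rstrip("=")


if __name__ == "__main__":
    tok = sample_token("jane.doe@example.org")  # constructed address
    samples = [  # constructed URLs, not taken from the report
        "http://accounts-google.example/ServiceLogin?continue=" + tok,
        "https://accounts.google.com/ServiceLogin?hl=en",
        "http://accounts.google.com@login.example/?u=" + tok,
    ]
    for url in samples:
        print(analyze_url(url))
```

The third sample shows why the check reads the parsed hostname rather than searching the URL text: everything before `@` is userinfo, so the real host is `login.example`.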
You mean PRC.
Google needs to monitor the DNS system for *google* to detect registration of fraud domains.
What will their odds be in 3 weeks?
That would be the odds of note.
While having 666-1 odds on Trump presidency may be of note, it will sure be too unsettling for most people to place such a bet.
Mit der Dummheit kämpfen Götter selbst vergebens
There are at least a dozen current or former members of the domestic intelligence community who have died of "natural causes" or "accident" in the past three months.
"There are at least a dozen current or former members of the domestic intelligence community who have died of "natural causes" or "accident" in the past three months."
You mean of a community made up of what is probably -- when you add together CIA, NSA, military intelligence and contractors -- tens of thousands of people, many of them old, "at least a dozen" have died in the past three months?
They're mostly middle-aged realtors with low degrees of computer literacy, yet it seems they are less likely to fall for these fake google login scams than the DNC. That's sad.
Unfortunately, I can't claim that was the problem. Instead, I'll plead "typing on a treadmill using the hideous onscreen keyboard of a Surface Pro".
AT ANY RATE...
The point was, 2-factor auth would take care of this. I'm certainly not happy with Russian intelligence trying to mess with the U.S. election (and yes, the evidence is strong they are: see here), but regardless, since Podesta's email was STILL open as of a few days ago when a password reset sent to it was used to hack his Twitter account, it seems clear some folks desperately need some help with securing their accounts.
P.S. yes, my account is original.
Kythe
Hang on, Trump **isn't** blaming illegal alien net-rapists for this ?? (evil grin)
I appreciate how Slashdot posters have largely stayed out of the shit fest that is this campaign. Thank you.
But recently, more and more assholes like the AC at the top are spamming Slashdot with political bullshit.
I think that the majority of the Slashdot community would appreciate it if you cock suckers stayed in the designated cesspools that support your candidate and stay the fuck away from Slashdot.
When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
Why is it being reported as news now?
you've been trying for MONTHS to make us think that the Russians are so smart that they can hack in everywhere, but also that they are so dumb that they leave evidence lying around everywhere. It's not working. If Russia or China or whoever hacked in, they would know better than leaving evidence all over the place.
full retard, full steam ahead!
And how pathetic.
Mod the patent up! Join the Trump movement! Vote for a better, stronger America.
"There are at least a dozen current or former members of the domestic intelligence community who have died of "natural causes" or "accident" in the past three months."
"There are also at least a dozen non-members of the domestic intelligence community who have died of "natural causes" or "accident" in the past three months."
I'm a Network Engineer and I've been in the I.T. field for 30 years, and specialized in Computer Forensics, Penetration testing, ethical hacking for at least the last 10 years.
SecureWorks is a joke.
Russia had nothing to do with the hack. Clinton's friends were incompetent at securing her email, and her server, and they are incompetent at this also. This is a lame attempt at Clinton to use Russia as a scapegoat and provide plausible deniability for her own actions of attempting to steal the election.
It's long overdue for her to be locked up, and the director of the FBI and Atty General Lynch also.
Based on the size of that population, what is the expected mortality rate due to natural causes and accidents over the past three months?
Unless there is statistically significant deviation from that baseline, your implication is unsupported.
People die all the time. Call me when there is evidence that a particular group of people are dying at an abnormal rate.
Considering how many "hacker" sites in Russia are used internationally, it merely means the servers were hosted there. For all we know it could have been Republicans who paid to have hosted servers.
This is like claiming ALL the fraud that occurs at .com sites hosted in America are American hackers working for the U.S. government.
STUPID = STUPID
That was a cute joke, but Clintons have certainly beaten Trump to it. Unless you think, Bill and Hillary Clinton receiving hundreds of thousands of dollars per speech can be explained by anything other than his past presidency and, more importantly, the "inevitability" of her future one.
Having left the White house "dead broke" by their own admission, the couple are now worth tens of millions of dollars. What exactly have they sold in 15 years, that is that valuable?
In Soviet Washington the swamp drains you.
More like phisted.
One of the types of paranoid delusion is delusions of grandeur, including the belief that the paranoid is the object of all attention, central to a vast web of conspiracies. If you happened to have this paranoid delusion, you would probably be very careful guarding your work on the computer. But you would also be guarding against dangers that don't actually exist, believing that the CIA and the Illuminati are monitoring your thoughtwaves, that mosquitoes are injecting nanomachines into your blood to control your movements, and that devil-worshipping sorcerers are trying to collect samples of your bodily fluids in order to work black magic.
URL shortening wasn't the problem here; look-alike links were the problem.
Democrats fire-bombed a GOP office today.
Somebody firebombed a GOP office. Whether it was "Democrats" or not is as yet unknown. I would say it was almost certainly crazy people, which america (unfortunately) has plenty of, and who come (unfortunately) in all political persuasions.
At the moment, the Democrats are raising money to re-open the office. https://www.rawstory.com/2016/...
Do you fail at reading comprehension?
His ignorance covered the whole earth like a blanket, and there was hardly a hole in it anywhere. - Mark Twain
Seriously? You listed CNN, NY Times,GO, and CBS News as sources of evidence?
No. He listed CNN, NY Times,GO, and CBS News as "liberal media" that did cover the story, showing that the statement "the liberal media and Hillary are entirely ignoring the attack" is false.
They are proven to be owned and or controlled by rich and powerful friends of Clinton.
In which case, his post shows that the original post was completely and totally false, doesn't it?
The building was vandalized with the phrase "Nazi Republicans Leave Town or Else". Who else do you think would have done it?
The correct answer is: "I don't know, and you don't know either."
It's hard to believe it was the Democrats, since all the polls and all the indications show that they're winning. Why in the world would they want to change a winning game?
Throwing bombs isn't something you do if you're winning; it's what you do if you're losing.
But, with that said, I doubt it's the Trump campaign. I expect it was lunatic fanatic crazies.
Whether the lunatic fanatic crazies thought they were on Trump's side, or on Clinton's side, is yet to be seen.
I wonder if Hillary's site still allows phishing?
http://cybertical.com/clinton-phishing.html
In Washington, rather than in Russia.
Isn't the real story that hacking is the only current flavor of journalism that reveals real information about important stuff that would otherwise not be reported by "real" journalists (who are on the payroll of {$politician or $big_corporation})? It's disturbing how many Hillary shills dismiss the content of the leaked emails as "fake" and give her a pass for what appears to be some authentic and relatively "not-fit-for-office" activity.
I had a burning feeling in my feet while I was at the computer, I thought it was athlete's foot or something, now I fear it's the Russians, I'm seriously guys
Obviously, if it weren't for Hillary, nobody would die and we'd all live forever.
Most those middle states have large tracts of land - occupied by very few people.
And no... Electoral college was NOT created "to get the politicians out of the big cities and blah-blah-blah".
Number of electoral votes has fuck all to do with where the voters are located, are they rural or urban, OR are they visited by the candidates during their campaign or not.
It was created back when there was no "flyover country" - but only towns, villages and farms along the coast. THE coast.
And it was created cause they were paranoid about Congress ignoring the will of the people, getting together and electing the president on their own - while also being paranoid about big states doing the same thing.
Which is why there's that stipulation about government employees not being eligible for the position of an elector.
And why it is based on the number of people living in a state (while each state still gets two votes on top of that) and not its geography.
Including those people counted as "three fifths of all other Persons".
Mit der Dummheit kämpfen Götter selbst vergebens
i am neither russian nor paid by any state to do hacking.....i have nearly 2300 ways to hack various crap that work.... ..so many vectors now .....haha hehe hoho
Let me ask you if i have this much how much do others with better funding actually have and email is one of the worst for security....just cause of the idiots that click links....let alone the software that its run on and the operating system its on....
vectors people
no US agency has said anything of the kind
Wrongo bongo. Here's the Joint DHS and ODNI Election Security Statement. It begins: The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations.
Well. I guess we are at war with Eastasia then.
Yes, of "natural causes" or "accident".
Something fishy is going on here...
Just as we've always been.
At least you're getting some exercise--something which I really ought to do more.
P.S. I was pretty sure you weren't some sort of impostor, I was just going for cheap laughs. Sorry.
Il n'y a pas de Planet B.
You call the legitimate political opposition of the opposition party "obstructionism"????
By that definition, it was Democrats who controlled both the House and Senate in 2006-2010 who "obstructed" George W Bush. When they blocked him from intervening in 2007 to stop the financial recklessness that led to the 2008 mortgage lending meltdown, their "obstructionism" caused the economic collapse. Senators Joe Biden, Barack Obama, and Hillary Clinton all voted to block Bush from stopping the crazy subprime lending derivatives a year before that madness blew up Wall St.
OK, then let's look at it THIS way:
1. All bills originate in the House or Senate.
2. Any bill must be supported by a majority of the members of both the House and Senate before being sent to the President for his signature.
3. The president can sign, veto, or "pocket veto" (ignore until it dies) any bill. Any bill he signs becomes law.
by definition, the senate can obstruct the house, the house can obstruct the senate, and the president can obstruct the congress..... but there is no way for the congress to obstruct the president.
is so stupid they were easily trolled with a bogus web page and shortened URLs???
Aren't we glad these people have taken over the government and the student loan and health insurance systems?
The reason this has not happened to Trump is simple: he uses paper documents, telephone calls, personal meetings, and then tweets to the public - he does not use e-mail.
Being eager to use every new whiz-bang cloud-this and web-that in the excited certainty that it will help you manipulate public opinion and dominate the world apparently has a downside: you become vulnerable to the first woodpecker that pecks on your tree.
"If builders built houses the way programmers built programs, the first woodpecker to come along would destroy civilization." - Gerald M Weinberg
1) Not surprised. As soon as they started waving the Russian "Hacking" flag around like it was something out of the Matrix I immediately postulated that the DNC were taken in by very usual and mundane means common to anyone that actually has an internet connection.
2) Considering the numbers, supposedly 20% and 25% of people fell for the scam, which really doesn't give you a lot of confidence in not only their "security acumen", but also just in their basic intelligence. You might do better with a random set of people. Cyber warfare campaign aside, there are a lot of other technology policy issues you really don't want someone who clicks on every attachment given to them to have power over.
3) That said, if the RNC were targeted I'm not sure they would have fared any better, likely worse, so it is a bit of a moot point I guess in general.
Russia cares. They have shills that post on Slashdot whenever an anti-Russian story shows up. No way they aren't monitoring this carefully, even if they're not involved.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
why are states necessary? If they serve a good, why is everyone so sure that having 10 times as many wouldn't serve us even better?
The Obama administration will fabricate whatever facts might help keep the Democrats in power.
So, who gives a fuck what they say?