Slashdot Mirror

← Back to Stories (view on slashdot.org)

Report: Russian Hackers Phished The DNC And Clinton Campaign Using Fake Gmail Forms (buzzfeed.com)

Posted by EditorDavid on from the I'm-feeling-lucky dept.

Citing a report from SecureWorks, BuzzFeed is reporting that Russian hackers "used emails disguised to look as Gmail security updates to hack into the computers of the Democratic National Committee and members of Hillary Clinton's top campaign staff": The emails were sent to 108 members of Democratic presidential nominee Hillary Clinton's campaign and 20 people clicked on them, at least four people clicking more than once, Secureworks' research found. The emails were sent to another 16 people from the DNC and four people clicked on them, the report said.

Researchers found the emails by tracing the malicious URLs set up by [state-sponsored hacking group] Fancy Bear using Bitly, a link shortening service... "We were monitoring bit.ly and saw the accounts being created in real time," said Phil Burdette, a senior security researcher at SecureWorks, explaining how they stumbled upon the the URLs set up by Fancy Bear.
The URL apparently resolved to accounts-google.com (rather than accounts.google.com), and Burdette says "They did a great job with capturing the look and feel of Google."

18 of 435 comments (clear)

  1. Notice the disinformation ? by zapadnik · · Score: 1, Informative

    Notice the disinformation? the misdirection from many outlets designed to have you worrying about whether the Russians did or did not hack the DNC and Clinton emails. This is so you focus on that rather than on the contents of the emails - which are extremely shocking in their levels of Machiavellian dealing, corruption, subversion of democratic processes and explicit contempt for the average American citizen and their vote.

    It is time to withdraw Hillary as a candidate. The American people deserve better than her (or Trump). If Hillary is elected it is clear she'll be impeached in record time as the only people who like her are misogynistic dictators and theocrats who like people who accept naked bribes to sell out the American citizens.

    The Democrats used to have some amazingly promising candidates, surely they can muster some now ?

  2. incorrect by Swampash · · Score: 1, Informative

    That's not "using fake emails to hack into the computers of the Democratic National Committee" That's "using hack emails to trick gullible staff members".

    Without gullible staff members the computers would have been secure.

  3. Re:Clinton, Podesta, Putin and Trump by Anonymous Coward · · Score: 1, Informative

    Democrats fire-bombed a GOP office today.

    Yeah, they're feeling desperate.

    Don't forget, Wikileaks has more stuff they're going to leak and some of the most interesting stuff is being held until Hillary's birthday.

    Trump is in no way out of this race. Unless you listen to the biased media that's been doing everything they can to try and prop Hillary up.

  4. Re:Clinton, Podesta, Putin and Trump by Rei · · Score: 5, Informative

    So let me get this straight. Don't trust Buzzfeed. Instead, trust "Battle Swam Blog". Got it.

    Re, the "uranium deal" thing: false and false. Meanwhile, Trump chose as his campaign manager Paul Manafort, a consultant to Yanukovitch (including being earmarked for over $12m in payments from a slush fund uncovered after Yanukovitch fled), his foreign policy advisor (Carter Page) works (present tense) for Gazprom, one of Trump's sons talked about his father having to focus on loans from Russia when he couldn't get them from the US, and how heavily they rely on Russian investment, Trump Soho turned out in court to be a money laundering organization for Russian criminals (Trump followed up by hiring its principal partner into the Trump organization), Trump bragged during a meeting in Russia that “Almost all of the oligarchs were in the room” just to meet with him, numerous Trump businesses have been financed by Russian oligarchs, Trump has repeatedly called Putin a great leader, both in isolation (without comparison to other US leaders), and in comparison to not only Obama, but Bush as well; Trump advisors intervened in the Republican Party platform on precisely one issue, that being to weaken references to supporting Ukraine; Trump claims that Russian troops aren't in Ukraine, and has endorsed Russia's Syria policy. Not to mention thinks NATO is obsolete. Oh, and whole "we don't know who did the hack, maybe it was China, maybe it was a 400 pound guy in his bedroom" line? He had already been given an intelligence briefing where US officials explicitly told him it was Russia. And then there's his knack for getting ahold of Russian propaganda faster than anyone else, like when he walked into a rally waving around a report on Clinton that had only been published (and later retracted) by Sputnik International.

    For all your propaganda that's too bad even for Russian propaganda outlets to push, Trump has your back.

    --
    The internet is not a series of tubes. It's more like a net. Or a network of computers. Or an internet.
  5. Re:Clinton, Podesta, Putin and Trump by phantomfive · · Score: 1, Informative

    Democrats fire-bombed a GOP office today.

    Crazy. I didn't believe it at first, but here's the story, from Orange County, North Carolina. It was a Molotov Cocktail, accompanied by graffiti that says, “Nazi Republicans leave town or else.” Real gents, these people.

    --
    "First they came for the slanderers and i said nothing."
  6. Same ole tactic, different day by s.petry · · Score: 2, Informative

    Explaining virtually every spear phishing plan ever run on people for the last 20 years proves nothing. Who-is data for the domain they claim responsible is registered in France, not Russia. Registered to one "sacko.fatou17@yahoo.fr". Domain created 22FEB2012 and expires on 22FEB17. I'll paste more below just in case, but neither the name or the address of the registrant relate to Russia. Fatou is an older family name in France. You want to convince me it's Russian they need to do better than common knowledge. They make it sound like copying a Google page is hard, when in fact it's as simple as "save-as" and downloading a couple of pictures from the same source.

    Domain Name: GOOGLE-ACCOUNT.COM
    Registry Domain ID: 1703474033_DOMAIN_COM-VRSN
    Registrar WHOIS Server: whois.register.it
    Registrar URL: http://we.register.it/
    Updated Date: 2016-03-26T00:00:00Z
    Creation Date: 2012-02-22T00:00:00Z
    Registrar Registration Expiration Date: 2017-02-22T00:00:00Z
    Registrar: REGISTER.IT S.P.A.
    Registrar IANA ID: 168
    Registrar Abuse Contact Email: abuse[at]register.it
    Registrar Abuse Contact Phone: +39.0353230310
    Reseller:
    Domain Status: ok
    Registry Registrant ID:
    Registrant Name: Google-Account
    Registrant Organization: Google-Account
    Registrant Street: 12 Allée des Noisetiers
    Registrant City: St denis en val
    Registrant State/Province: Haut-Rhin
    Registrant Postal Code: 45160
    Registrant Country: FR
    Registrant Phone: +33.489750045
    Registrant Phone Ext:
    Registrant Fax:
    Registrant Fax Ext:
    Registrant Email:
    Registry Admin ID:
    Admin Name: Google Account
    Admin Organization: Google Account
    Admin Street: 12 Allée des Noisetiers
    Admin City: St denis en val
    Admin State/Province: Haut-Rhin
    Admin Postal Code: 45160
    Admin Country: FR
    Admin Phone: +33.489750045
    Admin Phone Ext:
    Admin Fax:
    Admin Fax Ext:
    Admin Email:
    Registry Tech ID:
    Tech Name: Technical Support
    Tech Organization: AMEN.FR
    Tech Street: 12-14, Rond Point des Champs Elysees
    Tech City: PARIS
    Tech State/Province: PARIS
    Tech Postal Code: 75008
    Tech Country: FR
    Tech Phone: +33.811887744
    Tech Phone Ext:
    Tech Fax: +33.140877689
    Tech Fax Ext:
    Tech Email:
    Name Server: NS1.AMENWORLD.COM
    Name Server: NS2.AMENWORLD.COM
    DNSSEC: unsigned
    URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/

    --

    -The wise argue that there are few absolutes, the fool argues that there are no probabilities.

  7. Re:A little perspective by Zontar+The+Mindless · · Score: 3, Informative

    What I get from that map is that, despite a clear majority of states voting for Trump, their model still for some reason "predicts" a Clinton win.

    You're either not American or you slept through civics class in high school.

    The number of states doesn't matter. The populations of those states (and thus the number of electoral votes each one has) are negligible compared to those in the Clinton column. In fact, the only populous state that's likely to go for Trump is Texas.

    --
    Il n'y a pas de Planet B.
  8. Re:Clinton, Podesta, Putin and Trump by khallow · · Score: 5, Informative
    Fortunately, someone remembered:

    Research led me far afield and I uncovered this gem from PolitiFact in its Pulitzer Prize-winning year of 2008. It rated as TRUE Obama's statement at the October 7, 2008, "If you've got a health care plan that you like, you can keep it."

    Five years later, only after Obama was safely elected and re-elected did PolitiFact name that claim the Lie of the Year of 2013 -- even though it dated back to 2008.

    Before and after. Same journalist wrote both and no apology for the earlier, "fact check" or the about face on the claim.

  9. Re:Still Confused .... by grcumb · · Score: 2, Informative

    I'm still not sure how this points to the Russians... How do we not know that it isn't some dude sitting on the beach in Tahiti and bouncing it off a server or VPN in Russia?

    Because they weren't simply working with SRC and DST packets, Donald. They did actual analysis, and found that the intrusion tools were the same as those used, among other things, to hack the German Bundestag (Parliament). They found Russian language bits mistakenly left in the leaked materials—which disappeared and never emerged again once their presence was pointed out. A shared SSL certificate also implicated the Russians.

    --
    Crumb's Corollary: Never bring a knife to a bun fight.
  10. Re:A little more perspective by Zontar+The+Mindless · · Score: 3, Informative

    Even if Hillary *is* a lesbian, what of it?

    This is supposed to make up for the fact that no man who actually cared about his daughter would leave her alone with Trump?

    More false equivalence from the RWNJ lobby.

    --
    Il n'y a pas de Planet B.
  11. Re:Still Confused .... by colin_faber · · Score: 5, Informative

    Actually, in this case SecureWorks admits in their analysis that it's an educated guess at best. Just like all of the rest of the thin as tissue paper "evidence" that has been presented so far.

  12. Re:What are PROBABLY Russians by quantaman · · Score: 3, Informative

    From the article:
    "researchers assess with moderate confidence that the group is operating from the Russian Federation and is gathering intelligence on behalf of the Russian government"

    I know it fits the playbook to simply call them "Russian Hackers" but hey, maybe...journalism instead?

    Did you read the rest of the article, and the buzzfeed article as well?

    First the group has been going after Russia's enemies for years, including Georgia, Ukraine, Poland, and Germany. This suggests the group is very pro-Russian.

    Second the group has used multiple zero-day exploits in its attacks, which strongly suggests a state actor. Not only because getting zero-day exploits is really hard, but zero day exploits are also very valuable, and the described hacks only really had significant value to the Russian government.

    I'm not sure why SecureWorks is hedging so much, but the hacks being orchestrated by the Russian government seems extremely likely.

    --
    I stole this Sig
  13. Re:Clinton, Podesta, Putin and Trump by Anonymous Coward · · Score: 2, Informative

    > Note that the liberal media and Hillary are entirely ignoring the attack, probably because they know they bear some of the blame.

    WTF are you talking about? You seem to be just making random shit up to conform to your "liberals are evil, and the extreme polarization in the US is all their fault" narrative.

    I see the news story in plenty of places (including your so-called "liberal media"), and Hillary Clinton did not ignore the attack at all; in fact she condemned it.

    E.g. see http://americablog.com/2016/10/rare-moment-civility-humanity-2016-election.html

    And FWIW I'm liberal and I also condemn the attack.

  14. Re:Still Confused .... by cryptogranny · · Score: 5, Informative

    Hi, as a Russian I'd like to make a few points.

    > if not a majority, are still running broken Windows XP and even piratated Windows 3.1.

    This is simply not true. We (not me personaly because I'm a Linux user) pirate any modern staff (MS products, Adobe, etc) very fast, partly because a lot of cracking teams are from xUSSR.

    > Since these people do not use credit cards online, they do not care about security.

    Well, it's actually simpler to use cards in Russia then in U.S to make a transfer to your buddy. But I agree about lot's of infected machines.

    > Russia cannot produce a single PC, notebook, or even a smartphone.

    That's correct. Government can't but people is another story.

    > I would not believe that it has got supernatural powers to enter firewalled hardened US government servers.

    No supernatural powers of course, but Russia is known for IT outsourcing. A lot of Russians move to U.S. to work in companies like Microsoft, Amazon and so on. The world known debugging tool IDA pro (used for cracking) is also made by Russians.

  15. Re:Clinton, Podesta, Putin and Trump by nomadic · · Score: 4, Informative

    "Note that the liberal media and Hillary are entirely ignoring the attack, probably because they know they bear some of the blame."

    That, sir, is a lie, and you are a liar.

    http://www.cnn.com/2016/10/16/...
    http://www.nytimes.com/2016/10...
    http://abcnews.go.com/US/north...
    http://www.cbsnews.com/news/po...

  16. Re:Clinton, Podesta, Putin and Trump by bloodhawk · · Score: 4, Informative

    lets see it is Trump, Who else might have a reason to hate him and perceive him as a Nazi
    Mexicans?
    Woman?
    blacks?
    Most of Europe?
    muslims?
    a quick count puts the potential non democrat suspects at several billion. Hillary may well be devil spawn but that doesn't somehow make trump any less insane a choice.

  17. Re: Still Confused .... by nehumanuscrede · · Score: 3, Informative

    Not to point out the obvious but, were I the NSA or other three letter agency and wanted to provide " proof " that the $pickabadguy were behind this, I would simply instruct the coders to " accidentally " leave behind bits of $language in the code for the world to find.

    To be fun, were I a Russian hacker, I would create another Stuxnet and leave a giant American Flag in ascii buried in the code somewhere just to prove that point.

  18. Re:LIARS by XXongo · · Score: 3, Informative

    Seriously? You listed CNN, NY Times,GO, and CBS News as sources of evidence?

    No. He listed CNN, NY Times,GO, and CBS News as "liberal media" that did cover the story, showing that the statement "the liberal media and Hillary are entirely ignoring the attack" is false.

    They are proven to be owned and or controlled by rich and powerful friends of Clinton.

    In which case, his post shows that the original post was completely and totally false, doesn't it?