FBI Seizes Control of Russian Botnet

The Daily Beast reports that the FBI has seized control of a key server in the Kremlin's global botnet of 500,000 hacked routers. "The move positions the bureau to build a comprehensive list of victims of the attack, and short-circuits Moscow's ability to reinfect its targets," writes Kevin Poulsen. From the report: The FBI counter-operation goes after "VPN Filter," a piece of sophisticated malware linked to the same Russian hacking group, known as Fancy Bear, that breached the Democratic National Committee and the Hillary Clinton campaign during the 2016 election. On Wednesday security researchers at Cisco and Symantec separately provided new details on the malware, which has turned up in 54 countries including the United States.

VPN Filter uses known vulnerabilities to infect home office routers made by Linksys, MikroTik, NETGEAR, and TP-Link. Once in place, the malware reports back to a command-and-control infrastructure that can install purpose-built plug-ins, according to the researchers. One plug-in lets the hackers eavesdrop on the victim's Internet traffic to steal website credentials; another targets a protocol used in industrial control networks, such as those in the electric grid. A third lets the attacker cripple any or all of the infected devices at will.

Trump is gonna be pissed.

He'll shut this FBI operation down immediately. Putin is not going to be happy and the last thing Trump wants is an upset boss.

Re:Trump is gonna be pissed.

[Rei]

Come on, I don't think Russians - and especially Putin - find this whole situation funny.

Re:Trump is gonna be pissed.

[PopeRatzo]

Did they ever release any actual evidence the Russians hacked the DNC?

Mueller's investigation has been almost entirely without leaks, but it was learned that Guccifer 2.0 did in fact slip up and failed to activate his VPN client and exposed himself as being a particular GRU officer who was working out of the agency’s headquarters on Grizodubovoy Street in Moscow. This is a fact that is now accepted across the political spectrum.

https://www.thedailybeast.com/...

https://townhall.com/tipsheet/...

Even the sitting President's own lawyer, Rudy Giuliani, is now working from the talking points that say that the Russian interference in the election (including the hack) was a "gift" from Russia and so it's not collusion.

"Giuliani initially disputed the notion that Trump’s daily citing, in the final month of his campaign, of Russian-aligned WikiLeaks and its release of Russian-stolen emails constituted “colluding” with Russia.

“It is not,” Giuliani said.

Then he switched tacks.

“OK, and if it is, it isn’t illegal... It was sort of like a gift,” he said. “And you’re not involved in the illegality of getting it.”

Re:Trump is gonna be pissed.

[deathguppie]

The FBI does not release evidence regarding ongoing investigations. That's pretty much been a mainstay of law enforcement around the world, not just the FBI.

Re: Trump is gonna be pissed.

[JustAnotherOldGuy]

Oh you poor, poor baby. Life is so hard. Do you need a hug, cupcake?

Re: Trump is gonna be pissed.

[fafalone]

Trump isn't stupid enough to...

There's nothing you can end that sentence with that would be true.

Re: Trump is gonna be pissed.

[Joce640k]

Here's a nickel. Get yourself a proper keyboard,

Re:Trump is gonna be pissed.

[Zocalo]

OK, and if it is, it isn’t illegal... It was sort of like a gift,” he said. “And you’re not involved in the illegality of getting it.”

OK, let's run with that. Since my job entails potential exposure to bribery (albeit EU based rather than US) I have to do ethics training every now and again, and I'm pretty damn sure that any non-trivial "gifts" need to be declared lest they fall foul of bribery legislation - bribes are not just monetary after all. Assuming that's similar to the US' legislation on the matter all all this does really is jump Trump out of the collusion frying pan and into the bribery fire; now he has to demonstrate that either his campaign was completely unaware of this "gift" (good luck with proving a negative) or point to wherever they declared it. On past experience, Trump doesn't seem to suffer people who cause him problems gladly, and Guiliani has required "walk backs" and "clarifications" seemingly every time he's opened his mouth on the public record since his appointment. I'm guessing he'll be gone within months, if not weeks.

Re:Trump is gonna be pissed.

[drinkypoo]

On past experience, Trump doesn't seem to suffer people who cause him problems gladly,

Except himself. He's caused himself all of these problems by getting into bed with Putin. He thought he was a big swinging dick, but Putin is showing him how it's really done. Trump might be able to game the corporate system, but he is way out of his depth in politics. He's used to finding someone to fleece by simply moving on from the people who can see through his lies, but he can't just move on now. He actually has to deal with where he is, and Trump doesn't know how to do that and never has. That's why his fortunes are predicated upon a) impersonating a person who did not exist who claimed he owned most of his father's assets and b) running away and declaring bankruptcy over, and over, and over again.

and Guiliani has required "walk backs" and "clarifications" seemingly every time he's opened his mouth on the public record since his appointment. I'm guessing he'll be gone within months, if not weeks.

Guiliani is the most competent legal counsel Trump can get his hands on at this point. He might get rid of him, but if he does, he'll only wind up with someone even less competent.

Re: Trump is gonna be pissed.

[terrycarlino]

Guilty pleas for lying to the FBI about doing things that are not illegal. It works like this. I go to a movie while I'm suppose to be washing the car. Going to a movie is not illegal. The FBI comes up to me and says, "You know your wife says you were washing the car. Is that true?" You say, "Yes." You have just committed a felony. By the way the FBI never talked to your wife. he was lying. He's allowed to do that.

Re:I'm safe

[Rei]

I think Fancy Bear comes in through the data pipes, so you'll need a firewall to stop them. Which I think means you have to get firewire first? I've been thinking about having the IT out to install it, I already have a propane tank so it shouldn't cost too much? I shut my computer off at night but I know that a really good hacker could just turn it back on and get in.

Conservatives are like Captain Ahab

Captain Ahab was so utterly consumed by hate that he was ready to lose everything, his ship, his crew, his own life, just as long as he killed Moby-Dick.

Similarly, conservatives are so completely and utterly infused and consumed by their hatred of liberals that they are ready to sacrifice everything, their country, their family, the future of their planet and their children, for every opportunity to piss-off and otherwise hurt that damn liberal white whale.

Re: Conservatives are like Captain Ahab

Same goes for liberals. Everyone has lost their marbles.

Re: Conservatives are like Captain Ahab

Liberals? Nah. Sure, there are some left-wing extremists, similar to the right-wing extremists. There is a pretty significant difference, though. The left-wing extremists are fewer in number, are marginalized by the Democratic party, and have little actual power. The right-wing extremists are significant in number, run the Republican party, and hold many high offices, including the Speakership of the House, Senate Majority leadership, and the Presidency.

So, while there are parallels in kind, there is a significant difference in threat to our country.

Re:Conservatives are like Captain Ahab

[Green+Mountain+Bot]

Greg Gutfeld is willfully ignorant if he thinks conservatives don't think liberals are evil.

Re: Lock Him Up!

[JustAnotherOldGuy]

The claim (by Donald Trump and others) is that Hillary Clinton approved a deal giving a Russian company named "Rosatom" 20 percent of our uranium.

But that's not true. The Clinton State Department had no power to veto or approve the Rosatom transaction, AKA "Uranium One". It could do neither. Here’s how it does work.

Uranium One is the name of a South Africa-based mining company.

Back in 2007 it merged with "Urasia Energy" based in Canada. And in 2010 the mining arm of the Russian nuclear agency Rosatom, bought controlling interest in the company. Among other places, that mining company had operations in Wyoming that amounted to what the Nuclear Regulatory Commissions or the NRC said was at the time was about 20% uranium production capacity in the U.S.

By law, when a foreign company wants to buy ANYTHING with potential national security implications, an interagency committee of the federal government must approve it. The committee was given a broad mandate under President Reagan to advise the president on foreign investment transactions.

That committee is called CFIUS (Committee on Foreign Investment in the United States). It includes nine department heads. The Secretary of the Treasury is the chair person. The rest are the Departments of Justice, Homeland Security, Commerce, Defense, State and Energy, plus the Office of U.S. Trade Representative, and the Office of Science and Technology Policy. That’s CFIUS. The nine department heads all approved the sale of Uranium One.

It was unanimous - not a Hillary Clinton approval.

Also, the State Department wasn't even represented by Hillary Clinton at CIFUS. The Assistant Secretary of State, Jose Fernando, represented the State Department on CFIUS, not Hillary Clinton. And Jose Fernando stated that Clinton never intervened.

Further, neither Secretary Clinton nor the committee as a whole could stop any deal of this kind, even if they wanted to.

The committee members evaluate the sale of anything potentially related to national security.

By law, if just one member objects, the president and only the president can veto such a transaction. No committee member of the nine objected.

The whole "Uranium One" accusation is predicated on the charge that "Secretary Clinton approved the sale". She did not, and more to the point, she couldn't because the as Secretary of State, she didn't have the power to do that.

This whole "Clinton gave away our uranium" thing is just plain bullshit.

Go ahead, think whatever you like. Don't take my word for it. These are the facts and you can verify all of them by spending a minute or two on Google.

Re:Yes, but nothing worth mentioning

[Dare+nMc]

> The DNC did not at any time turn over the affected servers to the FBI or anyone else, as one might expect for such a serious crime as was alleged.

The DNC coordinated with the FBI and federal intelligence agencies and provided everything they requested, including copies of DNC servers," Watson said. She added that the copy contains the same information as the physical server.

So it is technically correct the DNC didn't turn over the physical hardware, but they provided a image of everything on the servers. "Everything Requested."

Re:The group that hacked the DNC Really?

[squiggleslash]

For a tech forum, you'd expect people here to not repeat obvious bullshit political points like "The DNC didn't hand a server over to the FBI" given:

1. Real tech people know that the FBI wouldn't need the original server, they could easily work from a ghosted image, or might even be able to do what they need to do with supervised access.

2. Real tech people know that plopping a critical server out of commission and handing it over to a third party where it would become unreachable and unusable would kill the entity relying upon it.

But no, this bullshit that the DNC did something wrong by not closing itself down the moment it discovered it got hacked and making it impossible to continue to operate by doing something completely unnecessary for the FBI somehow keeps being repeated here over and over again.

And you wonder why the left and centrists and, well, pretty much who isn't an eye-swivling Trumpist, is pretty much convinced that Russia's IRA has a fair number of its trolls posting to Slashdot.