Results 1 to 3 of 3

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

  1. #1
    Senior Member JohnDoe2's Avatar
    Join Date
    Aug 2008
    Location
    PARADISE (San Diego)
    Posts
    98,598

    How Russian agents financed and carried out the Clinton campaign hack

    By DAN PATTERSON CBS NEWS July 24, 2018, 11:30 AM

    How Russian agents allegedly financed and carried out the Clinton campaign hack


    Turns out, hacking a democracy is relatively cheap and simple.

    "That's what freaks me out," says Karl Holmqvist, CEO of cyber-defense firm Lastwall. "Russia is a nation-state with potent offensive capabilities. [The process] detailed in Mueller's indictment might seem simple, but the attack was sophisticated."


    The digital footsteps left behind by the Russian intelligence operatives accused of hacking the Clinton campaign are relatively easy to follow, even for the layperson. In the 29-page indictment released July 13, Special Counsel Robert Mueller laid out detailed allegations about how 12 officers from Russia's Main Intelligence Directorate, the GRU, obfuscated much of their work by using a combination of virtual private networks, a multitude of phony email accounts, and about $95,000 in bitcoin. The currency was used to purchase servers in the U.S., send phishing emails, develop malware, and crack account passwords of campaign officials.


    Here's a look at the technology behind each step in the process.


    VPNs


    Virtual private networks are encrypted "tunnels" that allow a user to connect securely to the outside world.

    VPNs can mask the IP address, geolocation, and other identifying details of a user's computer. According to the Mueller indictment, Russian conspirators purchased VPNs to rent servers in Malaysia so they could post anonymously to the @Guccifer_2 Twitter account. "Guccifer 2.0" was the moniker used by the hackers to publicize their findings and communicate with others while hiding their true identity.


    "[VPNs are] hacking 101," says Holmqvist. "Without a VPN all of your traffic is exposed to the network, and to law enforcement."


    Cryptocurrency


    In order to avoid using banks and financial institutions, the GRU traded, bought, and mined bitcoin, which was used to purchase the digital infrastructure needed for the operation.

    Though cryptocurrency like bitcoin is perceived as anonymous, every transaction is linked to a public transaction log called the Blockchain. To avoid making large transactions that might draw unwanted attention from law enforcement agencies, the Russians used dozens of fake email accounts to send and receive small amounts of cryptocurrency. The "gfadel47" account, for example, received hundreds of payments for exactly 0.026043 bitcoin. (That's about $200 at the current exchange rate, with 1 bitcoin worth about $7,734, per Coindesk. But bitcoin's value has swung wildly, hitting a high of nearly $20,000 last December.)



    Though Mueller's indictment provides few technical details, mining cryptocurrency requires dedicated hardware to solve complex math equations buried in the Blockchain source code. The power consumption required for large-scale mining would be spotted by global energy regulators, says Holmvquist.

    Cyber-criminals — including Russian criminals — often use a technical hack called cryptojacking to acquire coin without a massive hardware investment or energy expenses. Cryptojacking malware uses the processing power of millions of devices by infecting a victim's smartphone or computer and running quietly in the background.


    "Because [the malware] uses lots of devices distributed across the globe," Holmvquist explains, "the currency becomes effectively anonymous."


    The hackers' playbook


    The hacking tactics detailed in Mueller's indictment follow a standard cyberattack playbook. The goal was to infiltrate accounts, plant malware inside Clinton campaign and DNC servers, and then exfiltrate sensitive data.

    Using the X-Agent malware program Russian agents accessed DNC and Clinton campaign accounts through "old fashioned phishing," says Holmvquist. "There was nothing high-tech about sending a lot of fake email," he explains. "But hackers use [the tactic] because it works."

    For example, a phishing email sent to Clinton campaign chair John Podesta appeared to be coming from Google advising him to change his Gmail password, but it was actually sent by hackers.


    After gaining administrative access to sensitive systems, the Russian agents were able to capture keystrokes, grab screenshots, and export large batches of data.


    "The fact that the attack was so simple means it was also very simple for the Russian attackers to stay hidden," says Holmvquist. "They had all the right tools and in a pseudo-anonymous system, if they did their job well you're never going to know how [the Russians] did some of these things. There's no way a nation-state would leave this much of a trace unless they wanted someone to see them. That's what worries me."


    The Russians likely wanted to be caught, he says. Why? "To show that the world's largest superpower is vulnerable to a simple hack."

    https://www.cbsnews.com/news/russian...ck-indictment/

    NO AMNESTY

    Don't reward the criminal actions of millions of illegal aliens by giving them citizenship.


    Sign in and post comments here.

    Please support our fight against illegal immigration by joining ALIPAC's email alerts here https://eepurl.com/cktGTn

  2. #2
    Senior Member Judy's Avatar
    Join Date
    Aug 2005
    Posts
    55,671
    Or you just write the story so it looks like Russia when it was really someone else. That's still a huge possibility.
    A Nation Without Borders Is Not A Nation - Ronald Reagan
    Save America, Deport Congress! - Judy

    Support our FIGHT AGAINST illegal immigration & Amnesty by joining our E-mail Alerts at https://eepurl.com/cktGTn

  3. #3
    Senior Member JohnDoe2's Avatar
    Join Date
    Aug 2008
    Location
    PARADISE (San Diego)
    Posts
    98,598
    7 min ago

    4 key takeaways from Pompeo's Senate hearing



    Secretary of State Mike Pompeo testifies during a hearing before Senate Foreign Relations Committee July 25, 2018 on Capitol Hill in Washington, DC.(Photo by Alex Wong/Getty Images)

    The Senate Foreign Relations Committee just wrapped up a hearing, where Secretary of State Mike Pompeo testified.


    Here are the key takeaways:


    • On North Korea's nuclear weapons: Pompeo would not say publicly if North Korea is still moving forward with its nuclear program. He told senator he'd answer the question "in a different setting."




    • On North Korea-US relations: When Sen. Ed Markey expressed concerns that the US was being "taken for a ride" by North Korea, Pompeo quickly responded, saying, "Fear not, senator. Fear not."




    • On the Trump-Putin summit: Pompeo revealed some of the things that Trump and Russian President Vladimir Putin talked about during their summit last week. He said they agreed to establish a business-to-business leadership exchange and talked about reestablishing counterterrorism council, but did not discuss sanctions on Russia.




    • On Russian election interference: In his opening statement, Pompeo said the President believes Russia interfered in the presidential election:
    • "Finally, I want you to know, President Trump has stated that he accepts our intelligence community's conclusion that Russia meddled in the 2016 election."



    https://www.cnn.com/politics/live-ne...ing/index.html

    NO AMNESTY

    Don't reward the criminal actions of millions of illegal aliens by giving them citizenship.


    Sign in and post comments here.

    Please support our fight against illegal immigration by joining ALIPAC's email alerts here https://eepurl.com/cktGTn

Similar Threads

  1. Russian Spies Charged in Massive Yahoo Email Hack
    By JohnDoe2 in forum General Discussion
    Replies: 2
    Last Post: 05-09-2017, 06:25 PM
  2. Replies: 0
    Last Post: 04-21-2017, 04:10 PM
  3. Replies: 0
    Last Post: 10-27-2016, 09:43 PM
  4. Replies: 1
    Last Post: 07-28-2016, 09:39 PM
  5. Replies: 8
    Last Post: 07-28-2016, 05:57 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •