Russian-linked hacker Guccifer 2.0 edited stolen DNC email to draw media attention during election


Guccifer 2.0, the Russia-linked hacker behind the massive breach of the Democratic National Committee (DNC), edited a stolen email in order to draw attention from the media, the Associated Press reported on Friday (4 November). During the presidential election campaign in 2016, Guccifer 2.0 claimed to be behind the DNC hack and helped leak and spread the stolen emails online.

According to an extensive AP investigation into how Russian hackers managed to infiltrate the DNC, Guccifer 2.0 altered the first document published by the hacker in June 2016. Although it was advertised as coming from the DNC, the email actually came from the inbox of Clinton’s campaign chairman John Podesta, an anonymous former DNC official told the AP.

The official also noted that the word “CONFIDENTIAL” was not in the original document. Instead, Guccifer 2.0 had edited the document to try and catch media attention.

The email leaked was just one of at least 50,000 emails stolen from Podesta’s inbox. During the race to the White House, Guccifer 2.0, WikiLeaks and DCLeaks published over 150,000 emails stolen from over a dozen Democratic officials.

The AP investigation also revealed that Russian-linked hackers used brute force tactics over months to try and break into the emails of people across the Democratic Party, including more than 130 party employees, supporters and contractors.

According to a review of 19,000 malicious links shared by cybersecurity firm Secureworks, AP reports that the hackers “worked their way around the Clinton campaign’s top-of-the-line digital security to steal chairman John Podesta’s emails in March 2016”.

Starting on 10 March, the hackers sent phishing emails designed to look like official security messages from Google, prompting users to boost their security or change their passwords. Clicking on the malicious link led the user to a decoy website designed to swipe their credentials.

Secureworks’ data indicates when the phishing links were created and whether they were clicked, but does not show whether any unsuspecting users offered up their passwords.

On 19 March, the hackers sent another round of malicious messages to some of Clinton’s top officials including campaign manager Robby Mook, senior advisers Jake Sullivan and Philippe Reines and campaign chair Podesta.

As per the AP report, the malicious link was generated for Podesta at 11:28AM Moscow Time with the email arriving in his inbox six minutes later. He reportedly clicked on the link twice.

The phishing campaign continued through March and caught the eye of the FBI and Secureworks. The security firm had been following Kremlin-linked hacker group Fancy Bear, noticed that they were heavily targeting Democrats and alerted authorities.

The hackers appeared to be focused on Democratic officials working on voter registration issues including the DNC’s former director of voter protection Pratt Wiley. They also targeted numerous organisations linked to Clinton and the Democrats including the Clinton Foundation, technology provider NGP VAN, the Center for American Progress, campaign strategy company 270 Strategies and news outlet Shareblue Media.

At least one of the DNC emails leaked by Guccifer 2.0 was edited and labeled “Confidential” to garner media attention, AP reported. (Photo: Michael Loccisano/Getty Images)

The cache of Podesta’s emails was leaked on 7 October – the same day that the controversial 2005 Access Hollywood tape of Trump bragging about groping women was released. In the months leading up to the November election, the steady publication of the hacked emails in batches drew heavy media attention and continued to plague the Clinton camp.

In January, US intelligence agencies concluded that Russian President Vladimir Putin ordered a complex, multifaceted influence campaign that included cyberattacks, leaks, misinformation campaigns and more to hurt Clinton’s chances and help Trump win the election.

The Kremlin dismissed the allegations as “baseless” while Trump has denied any collusion between his team and Moscow. Multiple congressional committees along with special counsel Robert Mueller are currently investigating Russian interference in the 2016 election and possible ties between Trump’s campaign and the Kremlin.

Earlier this week, Mueller’s first charges were filed against Trump’s former campaign manager Paul Manafort, associate Richard Gates and former Trump campaign aide George Papadopoulos. On Monday, Papadopoulos pleaded guilty to lying to FBI investigators about his conversations with a professor linked to the Russian government. In April 2016, he was reportedly told that the Kremlin had obtained compromising information on Clinton.

“They have dirt on her,” Papadopoulos said he was told. “They have thousands of emails.”

http://www.ibtimes.co.uk/russian-linked-hacker-guccifer-2-0-edited-stolen-dnc-email-draw-media-attention-during-election-1645895
