Saturday, October 29, 2016

"Russian" Hackers Were Really Dutch

The alleged state-sponsored "Russian" hackers who stole tens of thousands of DNC emails, were from the Netherlands. And they didn't need any fancy hacking skills or equipment. They just sent John Podesta a fake email asking him to change his password and he was stupid enough to take the bait.

From the AP:

The hackers sent John Podesta an official-looking email on Saturday, March 19, that appeared to come from Google. It warned that someone in Ukraine had obtained Podesta's personal Gmail password and tried unsuccessfully to log in, and it directed him to a website where he should "change your password immediately."

Podesta's chief of staff, Sara Latham, forwarded the email to the operations help desk of Clinton's campaign, where staffer Charles Delavan in Brooklyn, New York, wrote back 25 minutes later, "This is a legitimate email. John needs to change his password immediately."

But the email was not authentic.

The link to the website where Podesta was encouraged to change his Gmail password actually directed him instead to a computer in the Netherlands with a web address associated with Tokelau, a territory of New Zealand located in the South Pacific. The hackers carefully disguised the link using a service that shortens lengthy online addresses. But even for anyone checking more diligently, the address — "google.com-securitysettingpage" — was crafted to appear genuine.

In the email, the hackers even provided an Internet address of the purported Ukrainian hacker that actually traced to a mobile communications provider in Ukraine. It was also notable that the hackers struck Podesta on a weekend morning, when organizations typically have fewer resources to investigate and respond to reports of such problems. Delavan, the campaign help-desk staffer, did not respond immediately to the AP's questions about his actions that day.

It is not immediately clear how Podesta responded to the threat, but five months later hackers successfully downloaded tens of thousands of emails from Podesta's accounts that have now been posted online. The Clinton campaign declined to discuss the incident. Podesta has previously confirmed his emails were hacked and said the FBI was investigating.

The suspicious email was among more than 1,400 messages published by WikiLeaks on Friday that had been hacked from Podesta's account.
Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)