The GRU staged several gigabytes of DNC data located on the DNC’s servers for unauthorized and surreptitious exfiltration- or, more commonly, theft. We know that most of the people whose emails were published, received a phishing mail from Fancy Bear.Ĭyber security company Threatconnect assesses that DCLeaks is part of a Russian operation to influence the elections. In June, July and August of 2016, DCLeaks releases emails from both Democrats (mostly Gmail-accounts) and Republicans (John McCain, Lindsay Graham, Michele Bachmann). The three people that clicked the phishing link were also not in the position of having access to the accounts of one of the seven people whose inbox was hacked (i.e.: it was not their secretary or assistant).Īn unknown party registers the domain. None of the people that received a phishing mail in their DNC-account belongs to the group of people that had their emails published by WikiLeaks.
Comey dnc server access code#
We discovered which email accounts these links were sent to by decoding the code that came after “e=” using website base64decode. Considering the fact that the DNC does not use Gmail as its mail server it seems unlikely that these three people would have entered their DNC credentials (DNC-username and password). That does not necessarily mean that Fancy Bear obtained their password, for it seems that the hackers made a mistake: the phishing link leads to a fake Gmail-page. Argos got access to these sixteen bit.ly-links and the stats, and found that three people that were targeted actually clicked on the link. … but not to the DNC-accounts that have been leaked to WikiLeaksįancy Bear sends sixteen phishing mails to the DNC email accounts of nine different persons. Perkins Coie, the law firm representing the Democratic Party and Hillary 4 America, hires research and strategic intelligence firm Fusion GPS, with the objective of finding dirt on Trump. From this, we can conclude that the contents of Podesta’s inbox were forged shortly after he received the phishing mail. The emails are dated until March 21, 2016. WikiLeaks publishes his emails in October 2016 (These are the Podesta-mails, not the DNC-mails). John Podesta, chairman of the Hillary Clinton Campaign, receives a phishing mail. WikiLeaks obtained these emails from the US State Department through a Freedom of Information Act request. WikiLeaks publishes the Hillary Clinton Email Archive: tens of thousands of emails and attachments from Clinton’s private server, which she used during her time as Secretary of State. The database is not accessible to the public. SecureWorks shared the bit.ly-database with Associated Press. This because there are many Russian enemies among the receivers, such as critical journalists, a Pussy Riot singer, targets in Ukraine, and companies specialising in defence, such as Boeing and Lockheed in the US. They studied the 19.000 accounts to which the phishing mails were sent and concluded that Fancy Bear must have been behind the phishing mails. We know this, because cybersecurity company SecureWorks gained access to Fancy Bear’s bit.ly-account. This time the mails are also sent employees of the DCCC, the Clinton Foundation and members of the Republican Party. In the following weeks Fancy Bear continues to send out phishing mails. If the receiver fills in its username and password, Fancy Bear gains access to them. The phishing mails contain a link to a page that looks like the Gmail login page. According a number of cybersecurity companies Fancy Bear can be linked to Russian intelligence agency GRU. Russian hacker group Fancy Bear starts sending out phishing mails to employees working for the Hillary Clinton Campaign.
0 kommentar(er)
