U.S. indictments show technical evidence for Russian
hacking accusations
[July 14, 2018]
By Joseph Menn
SAN FRANCISCO (Reuters) - U.S. indictments
against a dozen Russian intelligence officers on Friday provided
detailed technical evidence to back up allegations of Russian hacking
and leaking of information to influence the 2016 U.S. presidential
election.
By tracing control of email and social media accounts and a tool for
remote internet connections, the 29-page indictment document for the
first time showed that the same group of Russians leased servers,
targeted Democratic officials with phishing tricks aimed at capturing
their online credentials and communicated with Republicans and other
distributors of hacked information.
A federal grand jury on Friday charged 12 Russian intelligence officers
with hacking Democratic computer networks in 2016 as part of Moscow's
meddling in the presidential election to help Republican Donald Trump.
Although a February indictment accused other Russians of spying and
spreading propaganda on social media, it did not link those efforts with
hacking, phishing attempts or distribution of hacked information to
Republican operatives, a Republican congressional candidate and websites
such as DCLeaks, which published the purloined material.
“The last indictment of Russians involved the so-called troll factories
and online bot farms that were causing issues on Twitter,” said John
Bambenek, vice president at security firm ThreatStop Inc.
“The interesting aspects of this indictment cover how connections were
made between services due to reused email addresses, bitcoin wallets,
and infrastructure. The Russians didn’t hide themselves that well.”
The conspirators used the same bitcoin funds to buy a virtual public
network account for communications and to lease a server in Malaysia
that hosted DCLeaks.com. They used the Malaysian server to log into the
Twitter account of the online hacker persona Guccifer 2.0, and the same
server was used to register websites used for hacking the Democratic
committees, according to the indictment.
A copy of the grand jury indictment against 12 Russian intelligence
officers is seen after the indictments were filed in U.S. District
Court by prosecutors working as part of special counsel Robert
Mueller's Russia investigation in Washington, U.S., July 13, 2018.
REUTERS/Jim Bourg
One of the Russians probed election websites in Iowa, Florida and Georgia,
looking for vulnerabilities just days before the November election, the
indictment charged.
Some researchers said the indictment might have depended on U.S. signals
intelligence, the fruits of which are rarely revealed, because it quotes
electronic messages sent to an unidentified organization presumed to be
London-based WikiLeaks.
Communications between Guccifer 2 and WikiLeaks also undercut the contention of
WikiLeaks founder Julian Assange that he did not obtain Democratic Party emails
he published from Russia.
“The amount of intelligence gathering capability realized by this is
astonishing,” said researcher Nicholas Weaver of the International Computer
Science Institute, affiliated with the University of California at Berkeley.
In particular, emails between Guccifer 2 and the organization believed to be
WikiLeaks “suggest that the NSA (U.S. National Security Agency) obtained access
to either Guccifer 2’s email account, Wikileaks’ or both.”
The investigation also recovered specific internet searches by the Russians and
what they looked for on hacked machines.
Revealing so much “says just how serious this is, and how important it is to
acknowledge that Russia hacked the U.S. to aid Trump and hurt Clinton,” Weaver
said.
(Reporting by Joseph Menn; Editing by John Walcott and Cynthia Osterman)
[© 2018 Thomson Reuters. All rights reserved.]