Malware allegedly used to hack DNC: "publicly available for anyone to download."


  • Malware allegedly used to hack DNC: "publicly available for anyone to download."

    Evidence of Russian Election Hacking Is Inconclusive
    Analysis of the information released by the US Government concerning Russian cyber activity.


    On October 7th, 2016, two days before a Presidential debate, and on the same day Wikileaks released the first set of e-mails from Hillary Clinton’s campaign Chairman John Podesta, the United States Government officially accused Russia of cyber activity interfering with the 2016 election.

    [...]

    On December 29, 2016 the Department of Homeland Security and the FBI released a joint statement on the technical capabilities of software they believe the Russians might have used. Once again, without providing any evidence of direct ties to Russia or the Russian government.

    The result of this statement was President Obama issuing an executive order to place sanctions on two Russian intelligence agencies, eject 35 Russian diplomats from US soil within 72-hours, as well as seizing several properties owned by Russian diplomats, and making threats of future covert actions against Russia. All of which is unprecedented for an outgoing President with less than a month left in office.

    [...]

    The document itself is a highly technical general security guide, and once again contains several conclusions presented as facts without evidence or proof. The document fails to identify how the DHS/FBI concluded the Russians were behind the cyber activity. The document also fails to provide proof of intrusion, intent, or what evidence they have linking it to the Russians, Wikileaks, or the impact it had on election results. What evidence they have released oddly seems to indicate they do not know who was responsible.

    [...]

    According to Wordfence, an Internet security company, the hacking software or malware used by whoever targeted the DNC and John Podesta is publicly available for anyone to download (http://profexer.name/pas/download.php). The authors of this malware are Ukrainian, and not Russian. Not only is this malware free to download, but the version of the software the DHS/FBI is just now warning the public about is significantly outdated, and newer versions of the software are available for free online.

    What this means is ANYONE could have downloaded this software and used it from anywhere in the world. Merely identifying the tool used does not identify the person who used it. What this also suggests is whoever was responsible for this cyber activity was using very old, and unsophisticated methods not common of state sponsored intelligence agencies. It appears to be the work of a novice hacker, although it could have been intentionally designed to look like that.

    [...]

    https://medium.com/@trentlapinski/ev...62f#.p44o89etf

    Wordfence provides Internet security to WordPress (Watts Up With That? is a WordPress blog)...
    US Govt Data Shows Russia Used Outdated Ukrainian PHP Malware

    This entry was posted in General Security, Miscellaneous, Research, WordPress Security on December 30, 2016 by mark.

    The United States government earlier this year officially accused Russia of interfering with the US elections.

    [...]

    At Wordfence our focus is WordPress security. Our security analysts spend a lot of time analyzing PHP malware, because WordPress is powered by PHP.

    As an interesting side-project, we performed analysis on the PHP malware sample and the IP addresses that the US government has provided as “…technical details regarding the tools and infrastructure used by Russian civilian and military intelligence services (RIS)”. [Source]

    We used the PHP malware indicator of compromise (IOC) that DHS provided to analyze the attack data that we aggregate to try to find the full malware sample. We discovered that attackers use it to try to infect WordPress websites. We found it in the attacks that we block.

    [...]

    By viewing the source code, we could find the name of the malware and the version. It is P.A.S. 3.1.0.

    We googled it and found a website that makes this malware. You can find the site at this address...


    [...]

    https://www.wordfence.com/blog/2016/...lware-ip-hack/

    The Russian hacking fable is fake news on steroids...
    Watts Up With That? | The world's most viewed site on global warming and climate change.

  • #2
    So the DNC servers were hacked using software so old a cave man could have done it?

    What does it say about their security...

    Though Wikileaks mentions that Podesta's E-mail password was "[email protected]"...



    • #3
      Originally posted by Nebfer
      So the DNC servers were hacked using software so old a cave man could have done it?
      ...
      Hell, if it works on the DOD, why not?



      • #4
        Impeach Obama for endangering national security.
        We hunt the hunters



        • #5
          Originally posted by Nebfer
          So the DNC servers were hacked using software so old a cave man could have done it?

          What does it say about their security...

          Though Wikileaks mentions that Podesta's E-mail password was "[email protected]"...
          My DoD security clearance information has been hacked twice in the last 3 years. China has it, and I'm assuming Russia does as well. Too bad they can hack some of my debts and make them go away!

          Just kidding...not endorsing hacking in any way, shape, or form! But I don't think it's just the DNC.



          • #6
            Okay... Does anyone think the DNC wasn't run by idiots...?



            • #7
              Originally posted by Biscuit
              My DoD security clearance information has been hacked twice in the last 3 years. China has it, and I'm assuming Russia does as well. Too bad they can hack some of my debts and make them go away!

              Just kidding...not endorsing hacking in any way, shape, or form! But I don't think it's just the DNC.

              I'm afraid the next target may be the 2017 elections in Europe. Hackers already infiltrated the German Parliament's database early in 2016. Moscow is suspected but no solid proof.
              "Never argue with an idiot. They'll just drag you down to their level, then beat you with experience" George Carlin



              • #8
                The thing is, what was hacked & released in this case was simply the truth: unethical (some might say corrupt) practices by the Hillabeast and the DNC top brass.

                No one, not even the DNC, denies this.

                So what does it matter who exposed wrong-doing? Should a lie be presented as the truth simply because to tell the truth is more than a snowflake can bear?

                This boils down to a matter of integrity. The Hillabeast and her supporters have none.
                Any man can hold his place when the bands play and women throw flowers; it is when the enemy presses close and metal shears through the ranks that one can ascertain which are soldiers, and which are not.



                • #9
                  Originally posted by The Doctor
                  According to Wordfence, an Internet security company, the hacking software or malware used by whoever targeted the DNC and John Podesta is publicly available for anyone to download (http://profexer.name/pas/download.php). The authors of this malware are Ukrainian, and not Russian. Not only is this malware free to download, but the version of the software the DHS/FBI is just now warning the public about is significantly outdated, and newer versions of the software are available for free online.
                  When you add this to the Podesta email where Google alerted him that an attempt had been made to hack his account by someone in Dnepropetrovsk, Ukraine, there is actually more evidence of Ukrainian involvement than Russian in the so-called hacking caper. Sounds like Obama kicked out the wrong Slavs.



                  • #10
                    Originally posted by Skoblin
                    When you add this to the Podesta email where Google alerted him that an attempt had been made to hack his account by someone in Dnepropetrovsk, Ukraine, there is actually more evidence of Ukrainian involvement than Russian in the so-called hacking caper. Sounds like Obama kicked out the wrong Slavs.
                    Isn't it really difficult to determine the location of a hack attempt? I'm not a hacker but isn't the whole point to use someone other than your own bot to carry out the attack?

                    That's what happened with my dad's bot... At least with my feeble knowledge of how they go about it...
                    Credo quia absurdum.


                    Quantum mechanics describes nature as absurd from the point of view of common sense. And yet it fully agrees with experiment. So I hope you can accept nature as She is - absurd! - Richard Feynman



                    • #11
                      Originally posted by Skoblin
                      When you add this to the Podesta email where Google alerted him that an attempt had been made to hack his account by someone in Dnepropetrovsk, Ukraine, there is actually more evidence of Ukrainian involvement than Russian in the so-called hacking caper. Sounds like Obama kicked out the wrong Slavs.
                      The funny thing... The really funny thing... The so fracking funny thing... is that Podesta and the rest of the DNC morons were stupid enough to discuss unsavory, if not illegal, activities in emails.

                      Anyone who has ever held a responsible position in a publicly traded corporation knows that they shouldn't put anything in an email that they would not want the SEC to read.

                      So... whoever provided these emails to WikiLeaks was performing a public service, analogous to the SEC.
                      Watts Up With That? | The world's most viewed site on global warming and climate change.



                      • #12
                        Originally posted by Bwaha
                        Isn't it really difficult to determine the location of a hack attempt? I'm not a hacker but isn't the whole point to use someone other than your own bot to carry out the attack?

                        That's what happened with my dad's bot... At least with my feeble knowledge of how they go about it...
                        While the Ukrainian location might be a "false flag," it's at least a flag. Which puts Ukraine at least one flag ahead of Russia...
                        Watts Up With That? | The world's most viewed site on global warming and climate change.



                        • #13
                          Originally posted by Nebfer
                          So the DNC servers were hacked using software so old a cave man could have done it?

                          What does it say about their security...

                          Though Wikileaks mentions that Podesta's E-mail password was "[email protected]"...
                          Spearphishing isn't new or high tech. Social engineering will get you pretty far these days. The higher people are in an organization, the dumber they generally are regarding InfoSec.



                          • #14
                            Personally I think this all started with the DNC staffer who was disaffected with the rigging of the primaries. All he would have to do is email the files to Wikileaks and when that was found out he was shot at 4 a.m. in a robbery that left his wallet, cellphone, and wristwatch behind...

                            Who goes wandering about in DC at that time of the night???

                            Credo quia absurdum.


                            Quantum mechanics describes nature as absurd from the point of view of common sense. And yet it fully agrees with experiment. So I hope you can accept nature as She is - absurd! - Richard Feynman



                            • #15
                              Originally posted by Bwaha
                              Personally I think this all started with the DNC staffer who was disaffected with the rigging of the primaries. All he would have to do is email the files to Wikileaks and when that was found out he was shot at 4 a.m. in a robbery that left his wallet, cellphone, and wristwatch behind...

                              Who goes wandering about in DC at that time of the night???

                              Ockham would say...

                              Watts Up With That? | The world's most viewed site on global warming and climate change.
