It is currently 23-10-2017 01:51

Found evidence of the involvement of Russian hackers for hacking into voter registration in the United States

Found evidence of the involvement of Russian hackers for hacking into voter registration in the United States

by sigismund » 2016-09-06 12:09:21


6 of 8 IP addresses used in the attacks belong to a Russian hosting company.


Specialists of the company ThreatConnect discovered the link between the recent attacks on voter registration system in the United States and malicious campaigns carried out allegedly associated with the Russian government hackers.

In August this year, the Federal Bureau of investigation, the United States sent out a warning about cyber attacks, during which hackers managed to obtain access to databases of the system of voter registration in two States.

In the alert, the FBI pointed out the technical details of attacks, including the IP address, figured in both incidents. According to the results of the analysis, conducted by experts from ThreatConnect data IP addresses repeatedly contacted the Russian underground hacking forums. In particular, some of them are owned by FortUnix Networks, whose infrastructure was exploited in the attacks on Ukrainian energy companies in December last year.

According to experts, one of the IP addresses (5.149.249.172 ) in the past been used in phishing attacks aimed at political parties in Turkey and Germany, as well as the Parliament of Ukraine. In the course of the research activity the IP address has also revealed a number of additional factors that demonstrate its connection with one of the Russian gangs allegedly working for the government of the Russian Federation.

The researchers were able to access C&C server used in the above phishing campaign. They found a total of 113 letters, written in Ukrainian, Turkish, German and English. As it turned out during further analysis, one of the domains used for hosting the phishing content was registered to the email address associated with the domain previously included in the campaign group APT 28, also known as Fancy Bear, Pawn Storm Sednit and Sofacy.
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5