Skip to main content

Microsoft stops a Russian attempt at hacking 2018 midterm elections

Less than a week after the United States government charged 12 Russian officers for hacking in the 2016 presidential election, Microsoft is accusing the same Russian intelligence agency of using a phishing scheme to hack at least three additional candidates in the 2018 midterm election. Microsoft vice president for customer security and trust Tom Burt revealed the company’s findings at the Aspen Security Forum’s Defending Democratic Institutions: Election 2018 and Beyond panel.

“Earlier this year we did discover that a fake Microsoft domain had been established as the landing page for phishing attacks,” Burt said. “We saw metadata that suggested those phishing attacks were being directed at three candidates.” Details of the attack were not revealed, but phishing attacks usually involve hackers sending an email with a web address containing a malicious link that’s designed to install malware when it is activated. As part of its work with the United States government, Microsoft was able to seize the domain before it could inflict damage.

Microsoft also did not reveal the names of the affected candidates nor their political party affiliations, but Burt noted that “because of their positions, [the candidates] might have been interesting targets from an espionage standpoint, as well as an election disruption standpoint.” The company traced the hacks back to the Russian group Strontium, which is widely believed to be closely linked to Russia’s GRU military intelligence agency.

Burt’s announcement comes less than a week after U.S. Special Counsel Robert Mueller indicted 12 members of the GRU for their involvement in hacking the Democratic National Committee in 2016. Similar to the discovery of Russian-linked hacking on the 2018 elections, Microsoft’s security team found that spoofed domains were used in the 2016 election hacks. Though hacking politicians has been part of spy organizations, leaking the information is seen as a violation of the practice, Buzzfeed News reported. “A hacker group from a second Russian intelligence agency had penetrated the DNC as early as 2015, but didn’t spread that information, and has avoided the kind of international condemnation aimed at the GRU,” the site noted.

Despite continued warnings by U.S. intelligence officials, including FBI Director Christopher Wray and National Intelligence Director Dan Coats, that election hacking will be a likelihood in the 2018 elections and beyond, the Republican-controlled House voted to eliminate new funding for states to strengthen election security, The New York Times reported. In addition to U.S. hacks, the GRU is also believed to have targeted the campaign of French president Emmanuel Macron.

Chuong Nguyen
Silicon Valley-based technology reporter and Giants baseball fan who splits his time between Northern California and Southern…
Facebook is paying some users to suspend their accounts before the 2020 election
money-facebook

If Facebook offered to pay you to temporarily shutter your account, would you take the money?

Such an offer could even be coming your way after it emerged the social networking giant is offering cash payments to some Facebook and Instagram users as part of a study to learn more about the effects of social media on democracy.

Read more
Twitter confirms DMs were accessed in last week’s major hack
Twitter logo.

Twitter has revealed more information about the major hack involving a Bitcoin scam that targeted dozens of high-profile accounts on its service on Wednesday, July 15.

The company said in a tweet on Wednesday, July 22, that following a complete review of all of the impacted  Twitter accounts, it believes that “for up to 36 of the 130 targeted accounts, the attackers accessed the DM [direct message] inbox, including 1 elected official in the Netherlands.” Twitter did not name the elected official.

Read more
How Coinbase stopped the Twitter Bitcoin hack from being even worse
twitter and laptop hacked

The hackers behind last week's massive Twitter security breach made off with more than $100,000 through their Bitcoin giveaway scam. But it could have been much worse.

Quick responses from Twitter and Bitcoin exchanges like Coinbase reportedly kept a combined $300,000 away from the hackers' pockets.

Read more