Russians used server in Malaysia to hack into US convention

U.S. indictments against a dozen Russian intelligence officers on Friday provided detailed technical evidence to back up allegations of Russian hacking and leaking of information to influence the 2016 U.S. presidential election.

By tracing control of email and social media accounts and a tool for remote internet connections, the 29-page indictment document for the first time showed that the same group of Russians leased servers, targeted Democratic officials with phishing tricks aimed at capturing their online credentials and communicated with Republicans and other distributors of hacked information.

A federal grand jury on Friday charged 12 Russian intelligence officers with hacking Democratic computer networks in 2016 as part of Moscow’s meddling in the presidential election to help Republican Donald Trump.

Although a February indictment accused other Russians of spying and spreading propaganda on social media, it did not link those efforts with hacking, phishing attempts or distribution of hacked information to Republican operatives, a Republican congressional candidate and websites such as DCLeaks, which published the purloined material.

“The last indictment of Russians involved the so-called troll factories and online bot farms that were causing issues on Twitter,” said John Bambenek, vice president at security firm ThreatStop Inc.

“The interesting aspects of this indictment cover how connections were made between services due to reused email addresses, bitcoin wallets, and infrastructure. The Russians didn’t hide themselves that well.”

The conspirators used the same bitcoin funds to buy a virtual public network account for communications and to lease a server in Malaysia that hosted DCLeaks.com. They used the Malaysian server to log into the Twitter account of the online hacker persona Guccifer 2.0, and the same server was used to register websites used for hacking the Democratic committees, according to the indictment.

One of the Russians probed election websites in Iowa, Florida and Georgia, looking for vulnerabilities just days before the November election, the indictment charged.

https://www.thestar.com.my/business/business-news/2018/07/14/report-russians-used-malaysian-server-route-to-hack-us-convention/