


All 12 Russian officers are members of the country's GRU military intelligence unit and are accused of carrying out "large-scale cyber operations" to hack into the DNC network and steal Democrats' emails to influence the 2016 presidential election. This group is known for registering domains that resemble the legitimate organizations they plan to attack and then setting up spoof sites to steal login information. The indictments alleged that the election hacking targeted Hillary Clinton's campaign, DNC and the Democratic Congressional Campaign Committee (DCCC), with an intention to release that information online under the name DNCLeaks.

"The Internet allows foreign adversaries to attack America in new and unexpected ways. Free and fair elections are hard-fought and contentious," Rosenstein said. "There will always be adversaries who work to exacerbate domestic differences and try to confuse, divide, and conquer us."

According to the indictments, Guccifer 2.0, who posed as a lone hacker from Romania and released sensitive documents hacked from the DNC server, and a website that released records under the name DCLeaks were operated by a Russian hacking team known as "Unit 74455." However, Rosenstein said the indictments did not allege that the cyberattacks ultimately affected vote count or changed the outcome of the 2016 election. The team allegedly used Bitcoin to purchase servers (including the one in Malaysia to host the DCLeaks website), register domains, and otherwise make payments in furtherance of hacking activity.

The indictments include 11 criminal counts: One count for a criminal conspiracy to commit an offense against the U.S.

Its preferred method of attack is by sending spear phishing emails harboring so-called malicious links. If the recipient clicks the link, malicious code is then loaded onto their machine and installs a Remote Access Tool. Fancy Bear, also known as Sofacy or Advanced Persistent Threat 28, breached the network in April. The malware is highly sophisticated; for example, it uses a range of techniques to check for security software on the machine and will exit if certain versions are detected.

The group has been active since the mid-2000s and has been responsible for attacks against the aerospace, defense, energy, government and media sectors. Victims have been identified in the U.S., Western Europe, Brazil, Canada, China, Georgia, Iran, Japan, Malaysia and South Korea. The group has been linked to attacks last year on the German parliament and France's TV5Monde.

"Extensive targeting of defense ministries and other military victims has been observed, the profile of which closely mirrors the strategic interests of the Russian government, and may indicate affiliation with Main Intelligence Department or GRU, Russia's premier military intelligence service," Alperovitch concluded.
