The blog of DataDiggers

Russians hacked ‘at least one’ Florida county prior to 2016 election

Posted by on Apr 18, 2019 in cybercrime, department of justice, election systems, fancy bear, Florida, Government, GRU, Hack, Homeland Security, phishing, presidential election, Security, Technology, United States | 0 comments

Russian operatives successfully targeted and hacked “at least one” Florida county government in the run-up to the 2016 U.S. presidential election, according to new findings by Special Counsel Robert Mueller.

The report, published Thursday by the Justice Department, said the county was targeted by the Russian intelligence service, known as the GRU. The hackers sent spearphishing emails to more than 120 email accounts used by county officials responsible for administering the election, the report said.

According to the findings:

In August 2016, GRU officers targeted employees of [REDACTED], a voting technology company that developed software used by numerous U.S. counties to manage voter rolls, and installed malware on the company network… the spearphishing emails contained an attached Word document coded with malicious software (commonly referred to as a Trojan) that permitted the GRU to access the infected computer.

The findings are a significant development from previous reporting that said Florida’s election systems were merely targets of the Russian operatives.

Sen. Bill Nelson (D-FL) was derided after he claimed just days before his eventual re-election that hackers had gained access to the state’s election systems. According to NBC News, some of Nelson’s assertions were based off classified information that was not yet public.

Nelson’s remarks came almost a year after The Intercept published a classified document — later discovered to have been sent by since-jailed NSA whistleblower Reality Winner — showing that intelligence pointed to a concerted effort by the GRU to target election infrastructure. The NSA said the hackers sent emails impersonating voting technology company VR Systems to state government officials.

The Orlando Sentinel confirmed Thursday following the release of Mueller’s report that Volusia County was sent infected emails containing malware, suggesting Volusia County — north of Orlando — may have been the target.

Mueller’s report confirmed that the FBI investigated the incident.

The office of Florida’s secretary of state said that Florida’s voter registration system “was and remains secure,” and “official results or vote tallies were not changed.”

Two years later, following the 2018 midterm elections, the Justice Department and Homeland Security said there was “no evidence” of vote hacking or tampering.


Source: The Tech Crunch

Mueller says use of encrypted messaging stalled some lines of inquiry

Posted by on Apr 18, 2019 in Donald Trump, encryption, Government, law enforcement, Mueller report, operating systems, president, Security, Software, trump | 0 comments

A single paragraph in the Mueller report out Thursday offers an interesting look into how the Special Counsel’s investigation came head-to-head with associates of President Trump who used encrypted and ephemeral messaging to hide their activities.

From the report:

Further, the Office learned that some of the individuals we interviewed or whose conduct we investigated — including some associated with the Trump Campaign — deleted relevant communications or communicated during the relevant period using applications that feature encryption or that do not provide for long-term retention of data or communications records. In such cases, the Office was not able to corroborate witness statements through comparison to contemporaneous communications or fully question witnesses about statements that appeared inconsistent with other known facts.

The report didn’t spell out specifics of whom or why, but clearly Mueller wasn’t happy. He was talking about encrypted messaging apps that also delete conversation histories over a period of time. Apps like Signal and WhatsApp are popular for this exact reason — you can communicate securely and wipe any trace after the fact.

Clearly, some of Trump’s associates knew better.

But where prosecutors who have faced similar setbacks with individuals using encrypted messaging apps to hide their tracks have often attacked tech companies for building the secure apps, Mueller did not. He just stated a fact and left it at that.

For years, police and law enforcement have lobbied against encryption because they say it hinders investigations. More and more, apps are using end-to-end encryption — where the data is scrambled from one device to another — so that even the tech companies can’t read their users’ messages. But just as criminals use encrypted messaging for bad, ordinary people use encrypted messaging to keep their conversations private.

According to the report, it wasn’t just those on the campaign trail. The hackers associated with the Russian government and WikiLeaks, both of which were in contact following the breaches on Hillary Clinton’s campaign and the Democratic National Committee, took efforts to “hide their communications.”

Not all of Trump’s associates have fared so well over the years.

Michael Cohen, Trump’s former personal attorney, learned the hard way that encrypted messaging apps are all good and well — unless someone has your phone. Federal agents seized Cohen’s BlackBerry, allowing prosecutors to recover streams of WhatsApp and Telegram chats with Trump’s former campaign chief Paul Manafort.

Manafort, the only person jailed as part of the Mueller investigation, also tripped up in his own “opsec fail” when prosecutors obtained a warrant to access his backed-up messages stored in iCloud.


Source: The Tech Crunch

Chipotle customers are saying their accounts have been hacked

Posted by on Apr 17, 2019 in Apps, computer security, credential stuffing, data breach, data security, Food, Hack, multi-factor authentication, Password, Prevention, Privacy, Security, spokesperson | 0 comments

A stream of Chipotle customers have said their accounts have been hacked and are reporting fraudulent orders charged to their credit cards — sometimes totaling hundreds of dollars.

Customers have posted on several Reddit threads complaining of account breaches and many more have tweeted at @ChipotleTweets to alert the fast food giant of the problem. In most cases, orders were put through under a victim’s account and delivered to addresses often not even in the victim’s state.

Many of the customers TechCrunch spoke to in the past two days said they used their Chipotle account password on other sites. Chipotle spokesperson Laurie Schalow told TechCrunch that credential stuffing was to blame. Hackers take lists of usernames and passwords from other breached sites and brute-force their way into other accounts.

But several customers we spoke to said their password was unique to Chipotle. Another customer said they didn’t have an account but ordered through Chipotle’s guest checkout option.

Tweets from Chipotle customers. (Screenshot: TechCrunch)

When we asked Chipotle about this, Schalow said the company is “monitoring any possible account security issues of which we’re made aware and continue to have no indication of a breach of private data of our customers,” and reiterated that the company’s data points to credential stuffing.

It’s a similar set of complaints made by DoorDash customers last year, who said their accounts had been improperly accessed. DoorDash also blamed the account hacks on credential stuffing, but could not explain how some accounts were breached even when users told TechCrunch that they used a unique password on the site.

If credential stuffing is to blame for Chipotle account breaches, rolling out two-factor authentication would help prevent the automated login process — and put an additional barrier between a hacker and a victim’s account.

But when asked if Chipotle has plans to roll out two-factor authentication to protect its customers going forward, spokesperson Schalow declined to comment. “We don’t discuss our security strategies.”

Chipotle reported a data breach in 2017 affecting its 2,250 restaurants. Hackers infected its point-of-sale devices with malware, scraping millions of payment cards from unsuspecting restaurant goers. More than a hundred fast food and restaurant chains were also affected by the same malware infections.

In August, three suspects said to be members of the FIN7 hacking and fraud group were charged with the credit card thefts.


Source: The Tech Crunch

Beto O’Rourke could be the first hacker president

Posted by on Mar 15, 2019 in articles, computing, Government, hacker, hacking, hacktivism, president, Security, texas | 0 comments

Democratic presidential candidate Beto O’Rourke has revealed he was a member of a notorious decades-old hacking group.

The former congressman was a member of the Texas-based hacker group, the Cult of the Dead Cow, known for inspiring early hacktivism in the internet age and building exploits and hacks for Microsoft Windows. The group used the internet as a platform in the 1990s to protest real-world events, often to promote human rights and denounce censorship. Among its many releases, the Cult of the Dead Cow was best known for its Back Orifice program, a remote access and administration tool.

O’Rourke went by the handle “Psychedelic Warlord,” as revealed by Reuters, which broke the story.

But as he climbed the political ranks, first elected to the El Paso city council in 2005, he reportedly grew concerned that his membership with the group would harm his political aspirations. The group’s members kept O’Rourke’s secret safe until the ex-hacker confirmed to Reuters his association with the group.

Reuters described him as the “most prominent ex-hacker in American political history,” who on Thursday announced his candidacy for president of the United States.

If he wins the White House, he would become the first hacker president.

O’Rourke’s history sheds light on how the candidate approaches and understands the technological issues that face the U.S. today. He’s one of the few presidential candidates to run for the White House with more than a modicum of tech knowledge — and the crucial awareness of the good and the problems tech can bring at a policy level.

“I understand the democratizing power of the internet, and how transformative it was for me personally, and how it leveraged the extraordinary intelligence of these people all over the country who were sharing ideas and techniques,” O’Rourke told Reuters.

The 46-year-old has yet to address supporters about the new revelations.


Source: The Tech Crunch

Facebook won’t store data in countries with human rights violations — except Singapore

Posted by on Mar 13, 2019 in Amazon, Asia, Facebook, Government, human rights, Human Rights Watch, Privacy, Singapore | 0 comments

As soon as Mark Zuckerberg said in a lengthy 3,225-word blog post that Facebook would not build data centers in countries with poor human rights records, he had already broken his promise.

He chose to ignore Singapore, which the Facebook founder had only months earlier posted about, declaring the micro-state home to the company’s first data center in Asia to “serve everyone.”

Zuckerberg was clear: “As we build our infrastructure around the world, we’ve chosen not to build data centers in countries that have a track record of violating human rights like privacy or freedom of expression.”

If there are two things Singapore is known for, it’s that there’s neither privacy nor freedom of expression.

For all its glitz and economic power, Singapore’s human rights record falls far below internationally recognized norms. The state, with a population of five million, consistently falls close to the bottom in worldwide rankings by rights groups for its oppressive laws against freedom of speech, expression and assembly and limited rights to privacy under its expanding surveillance system. Worse, the country is known for its horrendous treatment of those in the LGBTQ+ community, whose actions are heavily restricted and any public act or depiction is deemed criminal. And even the media are under close watch and often threatened with rebuke and defamation lawsuits by the government.

Reporters Without Borders said Singapore has an “intolerant government,” and Human Rights Watch called some of the country’s more restrictive laws “draconian.”

We brought these points up to Facebook, but the company doesn’t see Zuckerberg’s remarks as contradictory or hypocritical.

“Deciding where to locate a new data center is a multi-year process that considers dozens of different factors, including access to renewable energy, connectivity, and a strong local talent pool,” said Facebook spokesperson Jennifer Hakes. “An essential factor, however, is ensuring that we can protect any user data stored in the facility.”

“This was the key point that Mark Zuckerberg emphasized in his post last week,” said Hakes. “We looked at all these factors carefully in Singapore and determined that it was the right location for our first data center in Asia.”

It’s ironic that Facebook’s own platform has been a target for Singapore’s government to crack down on vocal opponents of the state. Jolovan Wham, an activist, was jailed after organizing a public assembly from a Facebook page. The assembly’s permit was denied, so he switched the venue to a Skype call.

When asked, Facebook declined to comment on what it considers an unacceptable human rights record for a country, only referring back to Zuckerberg’s post.

Singapore remains an important hub for the tech industry and business — particularly for Western companies, which have thrown human rights to the wind even as they tout their commitment to privacy and free speech at home. Amazon, Microsoft, Google, DigitalOcean, Linode and OVH all have data centers in the micro-state.

But only one to date has made public commitments to not store data in countries with poor records on human rights.

Why has Facebook made an exception for Singapore? It’s a mystery to everyone but Mark Zuckerberg.


Source: The Tech Crunch
