Connect with us

Technology

DNC backtracks on voter database hacking attempt

Published

on

Whoops! One day after reports broke about a hacking attempt targeting the Democratic National Committee’s voter database, the DNC is admitting the whole incident was a false alarm.

Reported yesterday by CNN, the DNC reached out to the FBI for assistance after cybersecurity firm Lookout warned party officials of an extremely convincing fake login page it discovered that appeared to be part of a spear phishing operation. Lookout also reached out to the NGP Van, the DNC voter database management company and DigitalOcean, the web host that was hosting the fake site.

However, it turns out the alleged hacking attempt was just a test.

DNC chief security officer Bob Lord released a statement explaining the situation. “We, along with the partners who reported the site, now believe it was built by a third party as part of a simulated phishing test on VoteBuilder,” said Lord. He also pointed out where the confusion on the fake login site came from. “The test, which mimicked several attributes of actual attacks on the Democratic party’s voter file, was not authorized by the DNC, VoteBuilder nor any of our vendors.”

It turns out that the Michigan Democratic Party had retained the services of a third-party in order to run a phishing simulation. The Michigan Dems never sought authorization from the DNC to conduct such a test.

“In an abundance of caution, our digital partners ran tests that followed extensive training. Despite our misstep and the alarms that were set off, it’s most important that all of the security systems in place worked,” Michigan Democratic Party chair Brandon Dillon said in a released statement.

While the false alarm may be a slight embarrassment for the party, Dillon’s assessment of the actual security measures certainly seem legit.

In Mashable’s conversation with a Lookout spokesperson while reporting on the story yesterday, the cybersecurity firm pointed out how its AI detection system discovered a custom phishing kit on a domain meant to look like the VoteBuilder website, which is where the Democratic Party’s voter database login resides. The uniqueness of the phishing kit as well as how closely the site resembled the authentic login page are partially the reason the fake site was flagged.

Later in a blog post, the cybersecurity firm laid out its process for discovering the fake login page and shared the domain, verifyauth.com, the operation was hosted on. 

A look at the Whois information shows the domain was registered no more than 24 hours prior to Lookout’s discovery of the site.

The type of spear phishing campaign this unauthorized simulation attempted to mimic are similar to the real things previously used to trick Democratic staffers into submitting their usernames and passwords, giving Russian hackers access to the DNC emails that were leaked during the 2016 election. Microsoft has reported on two separate incidents this summer where the company intervened to stop Russia-linked spear phishing attacks on U.S. political targets such as Congresspeople and think tanks.

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f86462%2ffcea79d6 81b1 423f 9eff 803a9eb7ff1b

!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,’script’,’https://connect.facebook.net/en_US/fbevents.js’);
fbq(‘init’, ‘1453039084979896’);
if (window.mashKit) {
mashKit.gdpr.trackerFactory(function() {
fbq(‘track’, “PageView”);
}).render();
}

Continue Reading
Advertisement Find your dream job

Trending