Who says hackers aren’t interested in politics?
Though we may never know the political allegiances of hackers, it looks as though many have no problem launching their cybercriminal activities at any political party or figure left unprotected. In this week’s Hacker Tracker, we take a look at the political happenings of hackers and why the latest debate isn’t the only thing to keep an eye on as the U.S. presidential election quickly approaches.
Hackers recently targeted a website used to raise funds for Senate Republicans in order to gain access to names, addresses and credit card data of Republican donors.
According to researcher and developer Willem de Groot, the online storefront for the National Republican Senatorial Committee (NRSC) was one of nearly 5,900 eCommerce sites compromised by malicious skimming software.
De Groot said the NRSC site carried the malware through which donors’ credit card data was sent directly to attacker-controlled domains. At least one of the endpoints for the data is a site hosted by dataflow[dot]su — a service that provides so-called “bulletproof hosting” to money launderers, sellers of synthetic drugs and stolen credit card data and other providers of illicit wares or services.
“This clever form of card skimming has been going for a while, at least since March,” de Groot wrote in an Oct. 4 post revealing the NRSC compromise. “The culprits are hiding behind a shell company in Belize. Their business is growing rapidly.”
The hack of Senate Republicans’ fundraising efforts follows ongoing cyberattacks against the DNC, Democratic Congressional Campaign Committee and various Clinton campaign officials. Those attacks have resulted in the publication on WikiLeaks and elsewhere of tens of thousands of private emails belonging to senior Democratic officials.
There does seem to be a clear difference in the motives of the attacks — the DNC hacks seem aimed, according to the FBI, at steering the outcome of the election, while the recent RNC hack seems to be more financially motivated.
Hacktivists Take On Colin Powell
Emails from former Secretary of State Colin Powell were leaked by a group of hackers known as “hacktivists.”
The messages made public shed light on the merger and acquisition plans of Salesforce.com, the cloud computing company on whose board Powell has sat since 2014.
According to the leaked emails, the San Francisco-based firm has had its eye on about 14 different companies, including Tableau Software, Adobe, Pegasystems, ServiceNow, Marketo, Qlik Technologies, WorkDay, Box and Zendesk, The Wall Street Journal reported.
A Salesforce spokeswoman emailed a statement to GeekWire, saying that the company “has a disciplined and thoughtful M&A process where we routinely survey the industry landscape across a wide range of companies but acquire very few.” She went on to say that the list is “a broad survey” of companies, which “doesn’t imply Salesforce ever intended to acquire them.”
Governments Say ‘No More’ To Ransomware
It’s no surprise that government agencies tend to be prime targets for hackers and their malicious activities, but global security company Kaspersky Lab is helping countries to fight back with its No More Ransom project.
The company announced that law enforcement agencies from 13 more countries have signed up to fight ransomware, including Bosnia and Herzegovina, Bulgaria, Colombia, France, Hungary, Ireland, Italy, Latvia, Lithuania, Portugal, Spain, Switzerland and the U.K.
This collaboration will make more free decryption tools available, help even more victims decrypt their devices and unlock their information, and hit the cybercriminals where it hurts the most: their wallets.
“The fight against ransomware succeeds best when law enforcement agencies and the private sector join forces,” said Jornt van der Wiel, security researcher with the global research and analysis team at Kaspersky Lab, in the press release. “Information sharing is the key to effective collaboration between the police and security researchers. The easier and faster it happens, the more effective the partnership becomes. Getting more law enforcement agencies from different countries on board will therefore improve operational information sharing, so that, in the end, ransomware will be fought more successfully.”
Just two months after the project launched on July 25, 2016, Kaspersky Lab said more than 2,500 people had already managed to decrypt their data without having to pay hackers by using the decryption tools on the platform. This alone kept an estimated $1+ million in ransoms out of the pockets of cybercriminals.