Friday’s indictment against 12 Russian hackers included details of the tool kit used to interfere in the 2016 Presidential election, the Washington Post reports. The tool kit included spearphishing emails, keystroke loggers, and X-Agent malware. The indictment also details what The Post has dubbed “an aggressive but somewhat inartful operation” in which the computer servers used to carry out cyberattacks were also put to use mining bitcoin.
The campaign specified in the indictment began in March 2016, when an assistant to John Podesta, Hillary Clinton’s campaign chairman, fell victim to a spearphishing email. Allegedly, the 12 hackers, who worked for the Russian espionage agency the GRU, were then able to steal emails that could be used to embarrass and distract the Clinton campaign. From there, they transferred the files to WikiLeaks, where it was believed the content would get greater exposure.
“While Russian hacking, especially for espionage purposes, is decades old, using digital tools to steal data and then release it to embarrass and stoke divisions — weaponizing information — was the innovation, one that U.S. spy agencies did not see coming until too late,” The Washington Post writes.
According to the indictment, the hackers then broke into the Democratic Congressional Campaign Committee (DCCC) by spearphishing another employee. By installing keystroke loggers, they were able to see what staff typed and capture screenshots of their screens. This gave them what they needed: credentials to access the Democratic National Committee (DNC) network.
Once they had access to DCCC and DNC computers, the hackers stole folders and files containing keywords such as “cruz,” “hillary,” and “Benghazi Investigations.”
The Washington Post reports that “they ‘targeted’ computers that contained information about opposition research and ‘field operation plans’ for the 2016 election,” using network infrastructure leased within the US to move files from targeted computers.
According to the indictment, the personal information of 500,000 voters was stolen. Information included names, addresses, partial Social Security numbers, dates of birth, and driver’s license numbers.
The details of the investigation provide an astonishing glimpse into how coordinated and targeted hackers can be in carrying out their operations.