Russian hackers tied to servers in Britain

BBC:
When Russia's most notorious hackers hired servers from a UK-registered company, they left a trove of clues behind, the BBC has discovered.

The hackers used the computers to attack the German parliament, hijack traffic meant for a Nigerian government website and target Apple devices.

The company, Crookservers, had claimed to be based in Oldham for a time.

It says it acted swiftly to eject the hacking team - dubbed Fancy Bear - as soon as it learned of the problem.

Technical and financial records from Crookservers seen by the BBC suggest Fancy Bear had access to significant funds and made use of online financial services, some of which were later closed in anti-money laundering operations.

Fancy Bear - also known as APT28, Sofacy, Iron Twilight and Pawn Storm - has been linked to Russian intelligence.

The group played a key role in 2016's attack on the US's Democratic National Committee (DNC), according to security experts.

Indeed an internet protocol (IP) address that once belonged to a dedicated server hired via Crookservers was discovered in malicious code used in the breach.

Early in 2012, Crookservers claimed to be based at the same address as a newsagent's on an unassuming terraced road in Oldham, according to historical website registration records.

But after a short period, the listing switched to Pakistan. The BBC has seen no evidence the shop or its employees knew how the address was being used or that Crookservers had any real connection to the newsagent's.

Crookservers was what is known as a server reseller. It was an entirely online business. The computers it effectively sublet were owned by another company based in France and Canada.
...
What an odd name for a business.  The alleged owner of the business appears to be a Pakistani who claims no knowledge of how people who buy access to his servers use them.  That might be more credible if the name he operated under was Honestservers.  This is some of the first evidence I have seen that attempts to tie Russian intelligence to the DNC hack.

The DNC hack has been something of a mystery because the DNC refused to allow the FBI access to its server to investigate it. While the hack's revelations were probably embarrassing to the DNC, I don't think they had an effect on the election. They mainly showed how the DNC and Clinton were unfair to Bernie Sanders.
