Government

Democrats find hackers targeting voter database

The DNC looks to have turned away the attack.

August 22, 2018

Update: The DNC said late Wednesday that the operation was not by a malicious actor. More coverage here.

The Democratic National Committee reached out to the FBI after cybersecurity firm Lookout found a spearphishing operation aimed at breaking into the Democrats’ voter database, CNN reported on Wednesday.

Lookout discovered the hacking attempt on Monday using its “phishing AI detection” tool which found a phishing site replicating the login to NGP VAN, the tech provider to Democratic and progressive campaigns and organizations.

The DNC was the victim of an expansive and successful phishing campaign leading into the 2016 elections that saw thousands of internal emails made public. That campaign has been widely linked to Russian government-sponsored hackers.

On Monday, the same day the attempted hacking campaign was first discovered, President Donald Trump again expressed doubt that Russians hacked Democratic targets in the 2016 campaign.

“Our Principal Engineer for phishing, Jeremy Richards, received an alert from our phishing AI detection, and Lookout started to investigate the phishing site, which we saw was hosted on DigitalOcean,” Lookout spokesperson Eileen Kemp said. “After notifying the hosting provider the phishing site was then taken down by DigitalOcean within hours. As that investigation progressed, our VP of Security Intelligence, Mike Murray, reached out to DNC, NGP VAN, and DigitalOcean to initiate the response process and start the investigation.”

Here is the original alert:

Heads up @digitalocean, engines have identified a phishing campaign targeting a group with strong links to [$political party]. The campaign targets the org VPN concentrator and went live an hour ago. Please have your security team reach out.

— Phishing AI (@PhishingAi) August 21, 2018

It’s not clear who is behind the hacking attempt.

“This attempt is further proof that there are constant threats as we head into midterm,” the Democrats’ Chief Security Officer Bob Lord said. “We need the administration to take more aggressive steps to protect our voting systems. It is their responsibility to protect our democracy.”

Democrats find hackers targeting voter database

More Like This

Campaigns and political parties are in the crosshairs of election meddlers

CISA ransomware warning program has sent out more than 2,000 alerts

German political party targeted by SVR-linked group in spearphishing campaign, Mandiant says

Top Stories

FCC wants rules for ‘most important part of the internet you’ve probably never heard of’

More Scoops

Emotet hackers are using Democratic Party content in email scam

DNC issues another warning on TikTok, citing data security risks

Biden campaign hires ex-White House official Chris DeRusha as CISO

Former Buttigieg CISO urges DNC to coordinate information sharing between campaigns

DNC tells campaigns to be wary of contact from fake Sanders team account

DNC to Silicon Valley on disinformation: do better

Russia’s GRU propped up fake media personas, mostly failed at social media promotion after DNC hack

Latest Podcasts

How Troy Hunt knows if you’ve been hacked and Washington tries to understand AI

Why pig butchering is the worst kind of online scam

How the FBI fights ransomware

Rumman Chowdhury on AI red-teaming; a Sisense supply chain attack

Government

Technology

Threats

Geopolitics