Russian hackers used US online infrastructure against itself

A man walks past the building of the Russian military intelligence service in Moscow, Russia, in this July 14, 2018 photo. (AP)
Updated 17 July 2018

  • The Russians are accused of exploiting their access to inexpensive, powerful servers worldwide
  • The hackers accessed DNC data in September 2016 by breaking into DNC computers hosted on the Amazon Web Services’ cloud

WASHINGTON: Exactly seven months before the 2016 presidential election, Russian government hackers made it onto a Democratic committee’s network.
One of their carefully crafted fraudulent emails had hit pay dirt, enticing an employee to click a link and enter her password.
That breach of the Democratic Congressional Campaign Committee was the first significant step in gaining access to the Democratic National Committee network.
To steal politically sensitive information, prosecutors say, the hackers exploited some of the United States’ own computer infrastructure against it, using servers they leased in Arizona and Illinois. The details were included in an indictment released Friday by special counsel Robert Mueller, who accused the GRU, Russia’s military intelligence agency, of taking part in a wide-ranging conspiracy to interfere in the 2016 presidential election. The companies operating the servers were not identified in the court papers.
The Russians are accused of exploiting their access to inexpensive, powerful servers worldwide — conveniently available for rental — that can be used to commit crimes with impunity. Reaching across oceans and into networks without borders can obfuscate their origins.
The indictment painstakingly reconstructs the hackers’ movements using web servers and a complex bitcoin financing operation.
Two Russian hacking units were charged with tasks, including the creation and management of a hacking tool called “X-Agent” that was implanted onto computers. The software allowed them to monitor activity on computers by individuals, steal passwords and maintain access to hacked networks. It captured each keystroke on infected computers and took screenshots of activity displayed on computer screens, including an employee viewing the DCCC’s online banking information.
From April to June 2016, the hackers installed updated versions of their software on at least 10 Democratic computers. The software transmitted information from the infected computers to a GRU-leased server in Arizona, the indictment said. The hackers also created an overseas computer to act as a “middle server” to obscure the connection between the DCCC and the hackers’ Arizona-based server.
Once the hackers gained access to the DCCC network, they searched one computer for terms that included “hillary,” “cruz,” and “trump” and copied select folders, including “Benghazi Investigations.”
In emails, the hackers embedded a link that purported to be a spreadsheet of Clinton’s favorability ratings, but instead it directed the computers to send their data to a GRU-created website.
Meanwhile, around the same time, the hackers broke into 33 DNC computers and installed their software on their network. Captured keystrokes and screenshots from the DCCC and DNC computers, including an employee viewing the DCCC’s banking information, were sent back to the Arizona server.
The Russian hackers used other software they developed called X-Tunnel to move stolen documents through encrypted channels to another computer the GRU leased in Illinois.
Despite the use of US-based servers, such vendors typically aren’t legally liable for criminal activities unless it can be proved in federal court that the operator was party to the criminal activity.
A 1996 federal statute protects Internet vendors from being held liable for how customers use their service and, with a few exceptions, provides immunity to the providers. The law is considered a key part of the legal infrastructure of the Internet, preventing providers from being saddled with the behemoth task of monitoring activity on their servers.
“The fact that someone provided equipment and or connectivity that was used to engage in data theft is not going to be attributed to the vendor in that circumstance,” Eric Goldman, a professor of law and co-director of the High Tech Law Institute at Santa Clara University School of Law, said. A notable exception, however, is if federal prosecutors are bringing a criminal charge for violations of a federal criminal law.
In that case, “we’re going to require a high level of knowledge of their activity or intent,” Goldman said.
When the DNC and DCCC became aware they had been hacked, they hired a cybersecurity firm, Crowdstrike, to determine the extent of the intrusions. Crowdstrike, referred to as “Company 1” in the indictment, took steps to kick the hackers off the networks around June 2016. But for months the Russians eluded their investigators and a version of the malware remained on the network through October — programmed to communicate back to a GRU-registered Internet address.
“We do not have any information to suggest that it successfully communicated,” said Adrienne Watson, the DNC’s deputy communications director.
As the company worked to kick them off, GRU officials allegedly searched online for information on Company 1 and what it had reported about its use of X-Agent malware and tried to delete their traces on the DCCC network by using commercial software known as CCleaner. Though Crowdstrike disabled X-Agent on the DCCC network, the hackers spent seven hours unsuccessfully trying to connect to their malware and tried using previously stolen credentials to access the network on June 20, 2016.
The indictment also shows the reliance of Russian government hackers on American technology companies such as Twitter to spread their stolen documents.
The hackers also accessed DNC data in September 2016 by breaking into DNC computers hosted on the Amazon Web Services’ cloud. The hackers used Amazon Web Services’ backup feature to create “snapshots” that they moved onto their own Amazon cloud accounts. Amazon also provides cloud computing services for various government agencies, including the Central Intelligence Agency.

