Spear Phishing, the malicious key that opened the Clinton campaign to the Kremlin

0
178

Under the umbrella of the apparent officiality, the Kremlin allegedly managed to illegally access private data from the 2016 presidential campaign of the Democratic candidate, Hillary Clinton, to influence the US elections.

“Spear Phishing” is the name used to refer to the technique used by Russian intelligence to achieve the hacking of different email accounts of the team of the Democratic candidate and rival of the now US president, Donald Trump.

The neologism starts from the fishing term (“fishing”, in English), where a hook is used so that the animal falls into the trap and ends up in the hands of the fisherman, something similar to what happens in this format of computer fraud, that supposedly allowed 50,000 messages from the Clinton team to go to Moscow.

In this case, the lure is not worms, but an unsolicited email that is received by the user and to which the authors grant an appearance of official or face of a close person, and usually add a link to another website in the that the victim provides the data that will be stolen.

That is to say, it is not about the penetration in computers, but the collaboration of the victim with this technique is needed, that far from being novel has been gaining sophistication with the passing of the years.

This technique is referred to in the latest indictment of the Russian plot, presented in recent days by the special prosecutor of the case, Robert Mueller, to charge twelve spies of the Kremlin in the investigation into the alleged coordination between Russia and the Trump campaign in 2016.

According to Mueller, the spies, who were part of the Russian military agency known as GRU, tried numerous times to access the data of the tycoon’s rival and managed to get passwords from different users of the Clinton team, which allowed them to harvest information that later spread.

The FBI defines the action of “phishing” as “the act of sending an email by falsely passing through a legitimate and established business in an attempt to trick the unsuspecting recipient into disclosing personal information.”

According to the agency, these data include different “sensitive information such as passwords, credit card numbers or bank account information”, which they access after directing the user to a specific web page.

“That website, however, is not authentic and has been created only as a means to steal user information”, says the agency, which states that the peculiarity of “Spear Phishing” is that it focuses on a group of people who have something in common, in this context, members of the candidate’s campaign.

Aleksey Viktorovich Lukashev is one of the Kremlin agents included in Mueller’s new battery of imputations.

On March 19, 2016, Lukashev achieved the goal of their operational and tens of thousands of emails ended up in their hands, including 50,000 of Clinton’s chief strategist, John Podesta, who was among those who fell into the trap of Moscow.
In this attack, always according to the accusation, the spy modified the appearance of the message to make it look like a Google security alert to change the password of his account by clicking on a link.

Two days later, the emails had been hijacked.

Lukashev continued to leave hooks to dozens of team workers through various tricks.

Within this network of “Spear Phishing”, the document cites as “example” the attempts executed on July 27, 2016, immersed in the middle of the Clinton-Trump battle, against 76 email accounts. It was the first time he did against that domain.

The date would be one more in the list of moments in which Russian intelligence attacked the Democratic nomination, if not that same day the New York mogul starred in one of the most criticized moments of his election campaign.

“Russia, if you’re listening, I hope you’ll be able to find the 30,000 emails (from Clinton) that are missing,” said Trump, who was soon forced to qualify his words and argue that he did it in a sarcastic tone.

Mueller’s accusation was registered only three days after the first summit between Trump and his Russian counterpart, Vladimir Putin, at whose joint press conference he said he saw no “reason why it was Russia” who tried to interfere in the elections. that he won, then retract and clarify that he meant that he saw no reason “why it was not Russia.”

Leave a Reply