AskCyberSecurity.com

Cyber Security News & Information
The Mueller Report – Hacking with Malware

2019-04-24 by Michelle Dvorak

Russia Intelligence Units Hacked Election Databases and Voting Technology

The Mueller Report states that Russian military intelligence, officially known as the Main Intelligence Directorate of the General Staff of the Russian Army but commonly known as the GRU, hacked the election process through malware attacks as well as spear phishing email campaigns. Hackers targeted U.S. election officials, election websites, and private manufacturers of voting machines.

In 2016, GRU Unit 26165 hacked the Democratic Congressional Campaign Committee (DCCC) and the Democratic National Committee (DNC) using spear phishing emails, while GRU Unit 74455 hacked various state and local boards of elections, secretaries of state, and companies that provide voting technology. The GRU exploited vulnerabilities on official election websites. Hackers used straightforward techniques, including a tactic known as SQL injection, to gain access to databases of voter information. The attack vector was to inject malicious SQL code, which allowed the hackers to run more SQL commands and download data.

The Mueller Report is officially titled The Report On The Investigation Into Russian Interference In The 2016 Presidential Election, Volumes I and II, by Special Counsel Robert S. Mueller, III. The report outlines the investigation into Russian interference with the 2016 US Presidential elections. It details how Russian hackers compromised election websites, hacked Clinton campaign email servers, and conducted email phishing campaigns.

According to the Mueller Report, in June 2016, a GRU unit hacked the IT system of the Illinois State Board of Elections by exploiting a vulnerability in its website. The GRU gained access to the records of millions of registered Illinois voters. They downloaded thousands of voter records before the malware was detected and access was shut down.

Malware was sent to over 120 Florida county election officials in November 2016. The malware was sent via spear phishing emails. Spear phishing emails are malicious emails purposefully targeted at individuals. The emails attempt to gain personal information about the recipient and encourage them to take some action. Recipients are tricked by spear phishing emails because they are personalized and appear to be legitimate. Sometimes spelling mistakes or the suspicious intentions of the email text are the only clues that the email may be criminal. The spear phishing emails had a Trojan Word document attached, which launched malware. Once machines were infected, the GRU was able to access them.

How Does Trojan Malware Work?

Trojan is an umbrella term for a malware delivery strategy. Trojans are also considered a form of malware as they carry out unwanted activity on a computer or IT system. Trojans are used by hackers to gain access to computer systems and hardware. Targets are tricked into downloading an email attachment or clicking on a link that sends them to a spoofed website. The trojan loads files and executes malware on their computer systems.

In addition to hacking election-related IT systems, the GRU also hacked the computer systems of the DCCC and the DNC. Beginning in March 2016, the GRU hacked the computers and email accounts belonging to Clinton campaign workers. This included the email breach of campaign chairman John Podesta, the Mueller Report stated.

Both the DCCC and DNC IT systems were infected with two pieces of malware, X-Agent and X-Tunnel, according to page 38 of the Mueller Report. The X-Agent malware recorded the keystrokes of infected machines. It also took screenshots and recorded the file system. The X-Tunnel malware tunneled outside of the DCCC and DNC networks and was used for large data transfers of stolen information.

What is Malware?

Malware is any unwanted application on a computer, IT network, or electronic device such as a smartphone. Malware can take control of a device or download files. Sometimes malware quietly uses an infected device to spread more malware, waiting for some future purpose. Malware can be used to spy on the activities of a device or to recruit computers to work together in a botnet.

The malware used by the Russian hackers was developed to infiltrate computer networks and infect as many devices as possible.

Malware is called ransomware when it locks up a machine and takes control away from its legitimate owner, promising to return control when a ransom is paid. Recipients' machines are infected when they click on a link in an email or download malware that in turn downloads even more malware. Email can be accompanied by attachments that contain malicious executable files. Malware includes ransomware, computer viruses, adware, and trackers. Well-known, recent malware includes GandCrab, SamSam, Bad Rabbit, Petya, NotPetya, and WannaCry.

How Does Malware Work?

Malware works by gaining access to a computer or system. The malware generally attempts to gain administrative rights to a device by exploiting known security vulnerabilities. A SQL injection is a chunk of malicious commands that works on SQL databases. The hacker breaks a database, allowing unauthorized access to the data. Once in, they extract information from the database. In the case of the Illinois State Board of Elections hack, the hackers downloaded thousands of voter records before the malware was detected.

The Russian-owned Internet Research Agency (IRA) also carries out botnet activities on social media to cause political and social discord during election season.
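The SQL injection weakness described above and in the earlier paragraph on election websites comes down to how a site builds its database query. The following is an added example, not code from the Mueller Report or from any affected system: it sets a query built by string concatenation beside a parameterized one, using a constructed in-memory table, made-up voter rows, and hypothetical function names.

```python
import re
import sqlite3

# Constructed sample rows standing in for a voter-registration table.
SAMPLE_VOTERS = [
    ("V001", "Ada Example", "Cook"),
    ("V002", "Ben Sample", "Lake"),
    ("V003", "Cy Placeholder", "Will"),
]
# Constructed input that turns the WHERE clause into an always-true test.
TAUTOLOGY = "x' OR '1'='1"

def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE voters (voter_id TEXT PRIMARY KEY, name TEXT, county TEXT)")
    conn.executemany("INSERT INTO voters VALUES (?, ?, ?)", SAMPLE_VOTERS)
    return conn

def lookup_vulnerable(conn, voter_id):
    # Weak: the input is pasted into the SQL text, so it can rewrite the query.
    sql = "SELECT voter_id, name, county FROM voters WHERE voter_id = '" + voter_id + "'"
    return conn.execute(sql).fetchall()

def lookup_parameterized(conn, voter_id):
    # Hardened: the driver binds the input as a value; it is never parsed as SQL.
    sql = "SELECT voter_id, name, county FROM voters WHERE voter_id = ?"
    return conn.execute(sql, (voter_id,)).fetchall()

def valid_voter_id(voter_id):
    # Defense in depth: allowlist the format (assumed here to be V + 3 digits).
    return re.fullmatch(r"V\d{3}", voter_id) is not None

def lookup_hardened(conn, voter_id):
    # Reject malformed input before it reaches the database at all.
    if not valid_voter_id(voter_id):
        raise ValueError("rejected voter_id: unexpected format")
    return lookup_parameterized(conn, voter_id)

if __name__ == "__main__":
    db = make_db()
    print("concatenated, normal input :", len(lookup_vulnerable(db, "V001")), "row(s)")
    print("concatenated, crafted input:", len(lookup_vulnerable(db, TAUTOLOGY)), "row(s)")
    print("parameterized, crafted     :", len(lookup_parameterized(db, TAUTOLOGY)), "row(s)")
    try:
        lookup_hardened(db, TAUTOLOGY)
    except ValueError as err:
        print("hardened lookup            :", err)
```

With the concatenated query, one crafted value returns every row in the table; with the bound parameter the same value is just a voter ID that matches nothing.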

Filed Under: Malware Tagged With: Russia

About Michelle Dvorak

Michelle writes about cyber security and data privacy, focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers.