Russia appears to be carrying out a hack through the system used by the US aid agency –

Russia appears to be carrying out a hack through the system used by the US aid agency – fr

The same agency was involved in the 2016 Democratic National Committee hack, and before that, in attacks on the Pentagon, the White House messaging system, and the State Department’s unclassified communications.

He has become increasingly aggressive and creative, according to federal officials and experts. The SolarWinds attack was never detected by the United States government and was carried out using code embedded in network management software that the government and private companies use widely. When customers updated SolarWinds software – much like updating an iPhone overnight – they were unintentionally letting in an invader.

Among the victims last year were the departments of homeland security and energy, as well as nuclear laboratories.

When Mr Biden came to power, he commissioned a study of the SolarWinds case, and officials worked to prevent future “supply chain” attacks, in which adversaries infect software used by federal agencies. . It’s similar to what happened in this case, when Microsoft’s security team surprised the hackers by using a widely used email service, provided by a company called Constant Contact, to send emails. malicious malware that appeared to come from genuine Agency for International Development addresses.

But the content was, at times, barely subtle. In an email sent on Tuesday via the Constant Contact service, the hackers highlighted a message claiming that “Donald Trump has posted new emails about voter fraud.” The email contained a link that, when clicked, drops malicious files onto the recipients’ computers.

Microsoft noted that the attack differed “significantly” from the SolarWinds hack, using new tools and crafts in an apparent effort to avoid detection. He said the attack was still ongoing and hackers continued to send spearphishing emails, with increasing speed and reach. That’s why Microsoft took the unusual step of naming the agency whose email addresses were being used and posting samples of the fake email.

Essentially, the Russians entered the International Development Agency’s email system by going around the agency and directly attacking its software vendors. Constant Contact manages mass emails and other communications on behalf of the humanitarian agency.


Please enter your comment!
Please enter your name here