
Cre8asiteforums Internet Marketing
and Conversion Web Design



Wordfence Investigates Russian/US Hacking Claims


12 replies to this topic

#1 cre8pc

cre8pc

    Dream Catcher Forums Founder

  • Admin - Top Level
  • 14,819 posts

Posted 30 December 2016 - 11:45 AM

This is really fascinating.  Loaded with techie stuff for you and no smoking gun but my feeling is that we will not get ALL the information that's classified on this topic.

 

Regarding WordPress, hacking, etc. this article is pretty in-depth. The comments are fun too.

 

US Govt Data Shows Russia Used Outdated Ukrainian PHP Malware

 

 
Overall Conclusion

The IP addresses that DHS provided may have been used for an attack by a state actor like Russia. But they don’t appear to provide any association with Russia. They are probably used by a wide range of other malicious actors, especially the 15% of IP addresses that are Tor exit nodes.

The malware sample is old, widely used and appears to be Ukrainian. It has no apparent relationship with Russian intelligence and it would be an indicator of compromise for any website.

 

 



#2 bobbb

bobbb

    Sonic Boom Member

  • Hall Of Fame
  • 3,439 posts

Posted 30 December 2016 - 05:19 PM

It would be nice, just for comparison purposes, to see this kind of analysis done by the other side which would indicate the same type of activity by some Nation State Agency player(s) on this side.

 

Not holding my breath.


Edited by bobbb, 30 December 2016 - 05:20 PM.


#3 bobbb

bobbb

    Sonic Boom Member

  • Hall Of Fame
  • 3,439 posts

Posted 31 December 2016 - 02:28 PM

I just read all the comments in that article. The conclusion is indeed factual but I can add one observation. Hackers they describe are motivated by money and there was no money in hacking the DNC servers and delivering it to Wikileaks in some sort of ideological statement. So motivation comes into play.

The botnets owned by these hackers can be hired without the owners knowing exactly how it will be used and they don't care as long as there is money in it. Anyone can rent those botnets... well anyone with the right connections. I'm sure I could not. So who was motivated? Someone knows. We never will.
 



#4 cre8pc

cre8pc

    Dream Catcher Forums Founder

  • Admin - Top Level
  • 14,819 posts

Posted 31 December 2016 - 03:54 PM

There was an article on CNN today that said that Vermont found they were hacked. They don't say by what, but when I read it, I wondered if it was with the same malware referenced above, but not named in the article. And if the same, the intent of the article is misleading. I'm not feeling really confident about what the public is being told.



#5 bobbb

bobbb

    Sonic Boom Member

  • Hall Of Fame
  • 3,439 posts

Posted 01 January 2017 - 12:42 PM

Top-Secret document reveals what the NSA knew about previous Russian hacking
https://theintercept...ussian-hacking/



#6 cre8pc

cre8pc

    Dream Catcher Forums Founder

  • Admin - Top Level
  • 14,819 posts

Posted 02 January 2017 - 10:13 AM

WordFence has released part 2 with a FAQ

 

Election Hack Report FAQ: What You Need to Know

Our report has received wide coverage. Since then I have been interviewed on international network news and by online publications to share our findings. I’d like to provide some clarity both on the FBI/DHS report itself and our findings in the form of an FAQ.

Our business is WordPress security and our customers use WordPress and the Wordfence firewall and malware scanner. Some of this report will be talking directly to our customers, and some of it will be helpful for those interested in security in general and global events.

 

Does the report prove that Russia Hacked the 2016 US Election?

No it does not. What Wordfence revealed on Friday is that the PHP malware sample that the US government provided is:

  • An old version of malware. The sample was version 3.1.0 and the current version is 3.1.7 with 4.1.1 beta also available.
  • Freely available to anyone who wants it.
  • The authors claim they are Ukrainian, not Russian.
  • The malware is an administrative tool used by hackers to upload files, view files on a hacked website, download database contents and so on. It is used as one step in a series of steps that would occur during an attack.

Wordfence also analyzed the IP addresses available and demonstrated that they are in 61 countries, belong to over 380 organizations and many of those organizations are well known website hosting providers from where many attacks originate. There is nothing in the IP data that points to Russia specifically.

 


Edited by cre8pc, 02 January 2017 - 12:57 PM.


#7 cre8pc

cre8pc

    Dream Catcher Forums Founder

  • Admin - Top Level
  • 14,819 posts

Posted 02 January 2017 - 10:21 AM

If it is this easy to hack anywhere, from Yahoo!, to WordPress, to electrical grids and all manner of data, I wonder what, if anything, is being done to prevent something like taking down a country's electrical grid.  It feels to me (paranoid?) that the reported event in Vermont was just a test run.  They didn't take down a grid but tested to see how far they could get into it.

 

Mr. Trump says he knows things we don't. Waiting for him to Twitter it to us all.

 

B:)



#8 earlpearl

earlpearl

    Hall of Fame

  • Hall Of Fame
  • 2,531 posts

Posted 02 January 2017 - 11:12 AM

If it is this easy to hack anywhere, from Yahoo!, to WordPress, to electrical grids and all manner of data, I wonder what, if anything, is being done to prevent something like taking down a country's electrical grid.  It feels to me (paranoid?) that the reported event in Vermont was just a test run.  They didn't take down a grid but tested to see how far they could get into it.

 

 

Last year one downed power grid in the Ukraine: 

 

 

 

Mr. Trump says he knows things we don't. Waiting for him to Twitter it to us all.

 

B:)

 

Give me a break.  Trump doesn't even use a computer.  He tweets.  If he likes what someone told him he'll repeat it.  He knows as much about the issue as my toe nail clippings.



#9 cre8pc

cre8pc

    Dream Catcher Forums Founder

  • Admin - Top Level
  • 14,819 posts

Posted 02 January 2017 - 11:23 AM

He knows as much about the issue as my toe nail clippings.

 

Nodding furiously....

 

He actually said that no computer is secure and that if we want to send out something safely, "use a courier". All I could think of was how fun it will be to tack up my horse and deliver news!



#10 earlpearl

earlpearl

    Hall of Fame

  • Hall Of Fame
  • 2,531 posts

Posted 02 January 2017 - 12:54 PM

 

All I could think of was how fun it will be to tack up my horse and deliver news!

pony express.png



#11 bobbb

bobbb

    Sonic Boom Member

  • Hall Of Fame
  • 3,439 posts

Posted 02 January 2017 - 01:01 PM

Mr. Trump says he knows things we don't.

Today this is probably very true. He has been briefed since November....

OK then, he knows what he is being told (like any other leader of a government).

 

He actually said that no computer is secure and that if we want to send out something safely, "use a courier".

Part A partly true. It's secure if turned off, locked in a room 50 feet underground with 10 foot concrete walls, ceiling, and floor, a 2 foot steel door, rabid pitbulls inside, and armed guards at the entrance. This excludes Ethan Hunt (Tom Cruise) of course.

 

Maybe he has not been briefed yet about packages being intercepted in transit, doctored, then sent back on their route.... wait.... even I know this.


Edited by bobbb, 02 January 2017 - 01:02 PM.


#12 iamlost

iamlost

    The Wind Master

  • Site Administrators
  • 5,517 posts

Posted 02 January 2017 - 01:08 PM

Kim's Pony Express!
The news is coming! The news is coming!
Eventually...

A dirty little secret. The US (and many/most others) military has what are known as 'red' teams that test their military and defence installations' physical security regularly, if infrequently. They almost never fail. Think about that. If one can physically penetrate and accomplish whatever the assigned goal is at such establishments where security is an active requirement...
Note: similar tests of the TSA at US airports have, again, just about a perfect record of success. All that airport security is expensive theatre to calm civilian fears not actual effective security.

The internet and most especially the web were not conceived nor built with security - except that of the data getting from point A to point B - in mind at all. And most devices and installations that connect to the internet - especially those web enabled - from your home nanny cam to your car to power plants, hospitals, traffic control - are typically built without a single thought to security of any sort.

You'll notice that just about all hackers caught and sentenced are script kiddies. When was the last time you read of a truly competent (non-publicity seeking) individual let alone state sponsored experts being identified let alone convicted? In most of the news stories of such incidents it is rarely a matter of fact but of circumstantial evidence pointing in some direction. And with the ease of spoofing just about everything circumstances, in such cases, may well be misleading.



#13 bobbb

bobbb

    Sonic Boom Member

  • Hall Of Fame
  • 3,439 posts

Posted 15 January 2017 - 09:51 PM

Not exactly the analysis I would have liked but

Russian Security Council: But we're getting hacked, too

http://www.dw.com/en...-too/a-37139566




