Russian hackers leaked data of millions of American voters to the darknet
On one of the Russian hacker sites, they posted databases of 7,6 million Michigan voters, as well as millions of residents of other US states, writes “Kommersant”.
Forum users have found a way to make money on them, using the State Department's program "Rewards for Aid to Justice", which allows them to receive money for reporting the facts of interference in elections in the country. Other commercial ways to exploit the leak are likely to be exhausted, experts say. Some of them admit that the publication of the bases may be a provocation before the next US presidential elections.
“Kommersant” discovered on one of the forums on the darknet an advertisement for free access to personal data of millions of US residents. User Gorka9 is distributing archives of Michigan voters. His message states that the files contain detailed information on 7,6 million Americans. They contain the following lines: name, date of birth, gender, date of registration, address, postal code, e-mail, voter identification number and polling station number, Kommersant was convinced. According to the author, the data is current for March 2020. The InfoWatch Group of Companies "Kommersant" confirmed the authenticity of this database, specifying that it initially "leaked" at the end of 2019.
Judging by the content of the forum, Gorka9 specializes in hacking and selling American databases.
Its victims were not only Michigan residents. Kommersant also found on the site distribution of databases of voters of the states of Connecticut, Arkansas, Florida and North Carolina. Each of the archives contains from 2 million to 6 million lines. Voter bases are not limited to. The same hacker also sells the personal data of 62 patients at the Brooklyn Center for Surgery in New York.
Forum users have already found a way to monetize information about American voters that does not require any specialized skills. To do this, it is proposed to use the US Department of State program "Rewards for Justice" (Rewards for Justice).
One of the forum participants claims that within its framework he managed to receive a financial reward of approximately $ 4 thousand for a link to a leaked Connecticut voter base.
The Rewards for Justice program became widely known in the summer; in early August, Znak.com reported that Russians began to receive SMS messages from the State Department with an offer for a reward of up to $ 10 million to detail the facts of foreign interference in the American elections. The US Embassy confirmed to It`s My City that it was involved in the mailing, and Russian Foreign Ministry spokeswoman Maria Zakharova on Facebook called the mailing a "hybrid attack" by the American special services.
Such leaks can be used for political purposes: to study the preferences of voters, aim them at one or another choice, or even incline to protests, says Andrey Arsentiev, head of analytics and special projects at InfoWatch. But more often, he said, the databases serve primarily as valuable information for scammers, since the voter lists contain all the basic information about people. Vladimir Dryukov, director of the Solar JSOC monitoring and response center at Rostelecom, suggests that the hackers themselves, who initially took possession of the databases, have already “obtained all the commercial benefits” before they are made publicly available.
The experts interviewed by Kommersant note the regularity of leaks of personal data of American voters.
"Often, data is compromised due to incorrect configuration of servers in the cloud or incorrect application settings," explains Andrey Arsentiev. He recalls that the largest leak occurred in 2007, when, through the fault of the contractor of the Republican Party, the data of 198 million US citizens who had the right to vote were in the public domain.
The hackers themselves also speak about the weak protection of personal data of American voters. In a correspondence with a Kommersant correspondent, one of the database vendors said that it would be enough to find one of the numerous vulnerabilities of the sites used in voting, and then use the SQL Injection method - the injection of malicious code into the database.
However, we can talk about a deliberate provocation, experts do not exclude.
Anastasia Fedorova, leading analyst in the Information Security department of the IT company CROC, points out that the post about the leak appeared shortly before the US presidential elections scheduled for November 3. In her opinion, judging by the completeness of the information, the state system became its source. Another source of Kommersant believes that according to the nickname of the user who published the database, one can assume that this is "the first stage of preparation for accusing Russian hackers of interfering in the US presidential elections."
stdClass Object ([term_id] => 1 [name] => Miscellaneous [taxonomy] => category [slug] => no_theme)Miscellaneous
stdClass Object ([term_id] => 8965 [name] => data leak [taxonomy] => post_tag [slug] => utechka-dannyx)data leakage
stdClass Object ([term_id] => 11083 [name] => Russian hackers [taxonomy] => post_tag [slug] => rossijskie-xakery)Russian hackers
stdClass Object ([term_id] => 13334 [name] => In the homeland [taxonomy] => category [slug] => novosti-rodini)At home
Read also on ForumDaily:
Do you want more important and interesting news about life in the USA and immigration to America? Subscribe to our page in Facebook. Choose the "Display Priority" option and read us first. And don't forget to subscribe to ForumDaily Woman and ForumDaily New York - there you will find a lot of interesting and positive information.