Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label US Elections. Show all posts

Pro-Palestine Outfit Takes Responsibility for Hacking Donald Trump-Elon Musk Interview

 

During a conversation between billionaire Elon Musk and Republican presidential candidate Donald Trump on Musk's social media platform X, technical issues occurred that Musk claimed were caused by a DDoS attack.

The discussion was significant since it was Trump's high-profile comeback to X following his 2021 Twitter ban in the wake of the Capitol rioting. In addition, Musk has been a big supporter of Trump as a candidate for the US presidency, thus inviting the former president to speak on his platform was a noteworthy choice that drew attention. 

What unfolded during the interview?

Less than 20 minutes into the much-anticipated interview, Musk announced that the social media site had been struck by a massive distributed denial of service attack. 

DDoS is an assault on a platform that tries to bring it down by overloading it with too many enquiries in too short a time. Many of the queries are pointless because the goal is to drive excessive traffic to the platform, causing it to eventually fail. 

 L“There appears to be a massive DDoS attack on 𝕏. Working on shutting it down. Worst case, we will proceed with a smaller number of live listeners and post the conversation later,” Musk posted on X on August 13 at 5:48 am IST. He later confirmed this, promising that an unedited audio version will be available soon. 

Who is behind the DDoS incident? 

Palestinian rights 'hacktivists' took responsibility for the attack, claiming their boasts were a ploy to bolster their activism message.

“Rippersec is a pro-Palestine hacktivist group who conducts DDoS attacks motivated by geopolitical events,” digital security writer CyberKnow posted to X. “The group like many hacktivist groups also thrives off attention,' the writer warned, “making it easy for them to claim this to improve credibility and reputation.” 

However, researchers from XLab, China's cybersecurity research and threat analysis department, claimed they had discovered solid evidence to the contrary, setting out their case for a proven DDoS attack in a report on Wednesday. 

“We identified four Mirai botnet C2s (command and controllers) involved in the attack. Additionally, other attack groups also participated using methods like HTTP proxy attacks,” the firm's researchers reported in a blog post. 

'Mirai' is a type of malicious code that converts internet-connected Linux-based devices into remotely controlled 'zombies' for a 'botnet' army.

In a 'HTTP proxy attack,' hackers intercept and modify online communication between sites, servers, and computers, either to steal confidential data or to change the content for a number of purposes. 

“The attack lasted from 8:37am to 9:28am Beijing time [8:37–9:28pm Eastern],' XLab noted, 'which closely matches the delay durations in the start time of the interview. Our analysis indicates that the attack did occur,” their report summed it up. 

As evidence of its findings, the firm shared screenshots of a social media channel called 'UglyBotnet' in which one anonymous user appeared to claim responsibility for the attack. 

Has such an outage occurred before? 

Rhis is not the first time that an X event has been disrupted by technical troubles. A Twitter Spaces event with Florida Governor Ron DeSantis in May 2023 was delayed and had difficulties, which Musk blamed on "straining" systems. 

When Musk bought Twitter in 2022, he began removing key teams and professionals who had kept the old social media network running. Many customers criticised his decision on the new platform's history of outages. Musk, in turn, criticised Twitter and its code stack for being "brittle.”

Ahead of U.S. Presidential Elections, Experts Express Cybersecurity Concerns

 

From the start of this year, according to government agencies, the 2020 U.S. presidential election was said to be one of the "safest" elections to be conducted to date. Compared to the 2016 U.S. elections, voting machines are almost risk-free; the systems leave no trace of the paper record's history. Also, this time, the government has gone all-in to ensure election security from criminal actors. Chris Krebs, director of DHS (Department of Homeland Security) cybersecurity, in an election awareness video said he's never been more sure of a safe election than this. 

Security officials released the video last month, informing about election cybersecurity. However, the harsh reality is, the Russian cyberattacks during the 2016 elections have not entirely disappeared. To avoid the recurrence of that episode, experts suggested that the government spend billions of dollars building a robust cybersecurity system; however, Congress spent only a fraction of that. Meanwhile, social media companies dominate control over influence operations and propaganda on social media; the government seems to take no action. Cybersecurity experts insist the social media is still spreading fake news, and American users in some way have helped the spread of this fake news. 

Potential Vulnerabilities 

According to NPR, "experts agree that actual votes themselves would probably be the most difficult part of an election to hack successfully. The problem has only gotten tougher. In 2016, nearly 28 million voters cast ballots that did not have a corresponding paper trail: a major cybersecurity red flag." Meanwhile, almost every American suspects that some foreign foe may impact the vote count; no evidence suggests that such a thing happened in the 2016 presidential elections. It includes the incident where Russian hackers breached into the registration databases. 

"Stark says that the way officials can demonstrate through public auditing is a process that not every state uses. Even among the countries that do some audit, only a few do what is considered the "gold standard" of post-election audits, called risk-limiting audits. Sen. Ron Wyden, D-Ore., has proposed legislation to mandate such audits nationwide, but election reforms have gained little to no traction with the Republican-controlled Senate," says NPR.

U.S Elections: Spammers Use Fake Voter Registration Forms To Steal User Data and Banking Credentials

 

As the U.S. presidential elections are approaching, the hacking and spamming attacks related to it are rising. In a similar incident, hackers use fake voter registration forms to steal data of the users who access the fake government sites. The voter registration links work as bait, and if the user clicks it, he is redirected to a fake government website. The hacker then steals personal user data, along with banking credentials sometimes. 

"Whatever the intent behind this particular phishing attack, it should serve as a reminder that human beings -- users, employees, citizens, and voters -- are "soft targets" for malicious actors. This is especially true in turbulent times such as the present -- when fear, confusion, and doubt are surging in the run-up to a historic election that happens to fall in the middle of a catastrophic pandemic," says KnowBe4. These phishing campaigns started in September and are still active. 

Cybersecurity firms KnowBe4 and Proofpoint identified the attacks; they say that these attacks are trying to undermine the U.S. government agency's credibility (U.S. Election Assistance Commission (EAC), which is responsible for generating the voter list. The phishing emails have a simple subject line, and it works because citizens feel that they might be left out from the voting list. The phishing campaign uses hacked WordPress websites to host fake websites operated for luring the users. The sites contain incorrect URLs, and if the user fails to notice it, his data can be susceptible to hackers. According to experts, the hackers use a simple template for phishing attacks, and the fake website looks exactly as same as the original government website. 

According to Proofpoint, these spammers have become more aggressive in their recent attacks. They have changed their strategies and now ask for user's data and along with his banking credentials. "Now, as the U.S. election draws closer, many individuals are confirming their voter registration status. Using messages that suggest voter registration is invalid drives user urgency and uncertainty in an election season. We observed the last news from this actor using voter registration themes sent on October 7, 2020. This suggests that the actor may have already shifted to another type of lure," says Proofpoint.

Google Bans Hacked Political Content Ahead of the US Elections, Implements New Google Ads Policy


The presidential elections in the US are near. Keeping this in mind, Google has announced a new policy that will ban ads that advertise hacked political content or propaganda. This new policy will come into effect from 1 September 2020, as per the news available on Google's support page. After the new rule is implemented, the third party players won't be able to purchase ad-space on Google ads, directly or indirectly linked to the hacked content of any political party.

However, ads related to news articles or other pages that contain hacked political material may be allowed. But the news article and the page shouldn't be linked to the political content in any way, says the policy. The violators of this new Google Ads policy (Ad Buyers) will first receive a warning to remove the ad from their account or face account suspension after seven days.


The policy is made observing the 2016 US Elections. 

The new Google Ads policy is made to avoid the 2016 US presidential elections scenario. As we all know, during the 2016 election campaigns in the US, the Russian hackers were able to break into the servers of various political factions associated with the Democratic Party. The breach resulted in data leaks of the Democratic party on WikiLeaks and DC leaks. The attack resulted in biased media coverage and online ads on various social media and platforms that discussed the hacked political content. Google will become the first company to make such a move when the policy is enacted on 1 September.

Twitter, in a similar incident, banned the distribution of hacked content on its platform in 2018 before the US midterm elections. It included not only political content but every other hacked material. It resulted in an unofficial ban of the ads on Twitter, as they need tweets to advertise. According to Google's policy, the following is not allowed: "Ads that directly facilitate or advertise access to hacked material related to political entities within the scope of Google's elections ads policies. This applies to all protected material obtained through the unauthorized intrusion or access of a computer, computer network, or personal electronic device, even if distributed by a third party."