Lone DNC Hacker Guccifer 2.0 is linked to the GRU, the Russian military intelligence agency


The US investigators concluded that the Russia-linked hacker Guccifer 2.0 is directly tied to the GRU, the Russian military intelligence agency.

Guccifer 2.0 is the alleged hacker behind the DNC hack that also released a huge trove of documents about House Democrats, including Nancy Pelosi’s sensitive data.


In February 2016, researchers from security company CrowdStrike pointed out that the DNC attack wasn’t the work of a lone wolf; instead, two sophisticated Russian espionage groups, COZY BEAR and FANCY BEAR, were involved in the cyber espionage operation.

A portion of the intelligence community believes that the Russia-linked hacker Guccifer 2.0 is a Russian intelligence agent.

This week, The Daily Beast published a report that confirms that Guccifer 2.0 is linked to the GRU, Russia’s military intelligence agency.

“Guccifer 2.0, the “lone hacker” who took credit for providing WikiLeaks with stolen emails from the Democratic National Committee, was in fact an officer of Russia’s military intelligence directorate (GRU), The Daily Beast has learned.” reads the analysis published by The Daily Beast.

“It’s an attribution that resulted from a fleeting but critical slip-up in GRU tradecraft.”

In January 2017, US intelligence linked the DNC hack and the cyber attacks against Hillary Clinton’s campaign to Russian intelligence groups.

Guccifer 2.0 took credit for some of the attacks, denying any link with the Kremlin, but US authorities believe the hacker is a product of a Russian disinformation campaign.

The experts at cybersecurity firm ThreatConnect also determined that Guccifer 2.0 was linked to Russian intelligence. According to ThreatConnect, Guccifer 2.0 had been using a Virtual Private Network service, Elite VPN, to remain anonymous, but on one occasion he failed to activate the VPN client before logging on.

According to a source familiar with the government’s Guccifer investigation, the hacker was using a system with a Moscow-based IP address that was logged by an American social media company.

“Almost immediately various cyber security companies and individuals were skeptical of Guccifer 2.0 and the backstory that he had generated for himself,” said Kyle Ehmke, an intelligence researcher at the cyber security firm ThreatConnect. “We started seeing these inconsistencies that led back to the idea that he was created hastily… by the individual or individuals that affected the DNC compromise.”

“Working off the IP address, U.S. investigators identified Guccifer 2.0 as a particular GRU officer working out of the agency’s headquarters on Grizodubovoy Street in Moscow. (The Daily Beast’s sources did not disclose which particular officer worked as Guccifer.)” continues the report.

The GRU is believed to run the dreaded Fancy Bear APT, which is behind the DNC hack, cyber espionage campaigns against NATO and Obama’s White House, and cyber attacks against the World Anti-Doping Agency and numerous militaries and government agencies in Europe, Central Asia, and the Caucasus.

The special counsel Robert Mueller determined that Russian intelligence interfered with US elections in an attempt to boost Trump’s candidacy.

On July 22, 2016, WikiLeaks began releasing the documents stolen by Guccifer 2.0, a huge trove of approximately 19,000 emails and 8,000 attachments. Trump promptly promoted the leak on Twitter, while his adviser Roger Stone, in an article written for Breitbart (a name also familiar from the Cambridge Analytica case), maintained that Guccifer 2.0 was a Romanian hacktivist.

“Sometime after its hasty launch, the Guccifer persona was handed off to a more experienced GRU officer, according to a source familiar with the matter. The timing of that handoff is unclear, but Guccifer 2.0’s last blog post, from Jan. 12, 2017, evinced a far greater command of English than the persona’s earlier efforts.” concluded The Daily Beast.

“It’s obvious that the intelligence agencies are deliberately falsifying evidence,” the post read. “In my opinion, they’re playing into the hands of the Democrats who are trying to blame foreign actors for their failure.”


Pierluigi Paganini

(Security Affairs – Guccifer 2.0, Russia)
