Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Cyber Firm Rewrites Part of Disputed Russian Hacking Report
This news is being used to attack the credibility of the #TrumpRussia investigation by right-wing posters on Twitter.Cyber Firm Rewrites Part of Disputed Russian Hacking Report
WASHINGTON —
WASHINGTON —
U.S. cybersecurity firm CrowdStrike has revised and retracted statements it used to buttress claims of Russian hacking during last year's American presidential election campaign. The shift followed a VOA report that the company misrepresented data published by an influential British think tank.
In December, CrowdStrike said it found evidence that Russians hacked into a Ukrainian artillery app, contributing to heavy losses of howitzers in Ukraine's war with pro-Russian separatists.
VOA reported Tuesday that the International Institute for Strategic Studies (IISS), which publishes an annual reference estimating the strength of world armed forces, disavowed the CrowdStrike report and said it had never been contacted by the company.
Ukraine's Ministry of Defense also has stated that the combat losses and hacking never happened. ..............
In December, CrowdStrike said it found evidence that Russians hacked into a Ukrainian artillery app, contributing to heavy losses of howitzers in Ukraine's war with pro-Russian separatists.
VOA reported Tuesday that the International Institute for Strategic Studies (IISS), which publishes an annual reference estimating the strength of world armed forces, disavowed the CrowdStrike report and said it had never been contacted by the company.
Ukraine's Ministry of Defense also has stated that the combat losses and hacking never happened. ..............
Apparently, the assumption that Russian state actors are the only ones using the spyware Fancy Bear is associated with is patently false. Anyone could be the DNC hacker given the following information:
The GRU-Ukraine Artillery Hack That May Never Have Happened
X-Agent Is In The Wild
Crowdstrike, along with FireEye and other cybersecurity companies, have long propagated the claim that Fancy Bear and all of its affiliated monikers (APT28, Sednit, Sofacy, Strontium, Tsar Team, Pawn Storm, etc.) were the exclusive developers and users of X-Agent. We now know that is false.
ESET was able to obtain the complete source code for X-Agent (aka Xagent) for the Linux OS with a compilation date of July 2015. [5]
A hacker known as RUH8 aka Sean Townsend with the Ukrainian Cyber Alliance has informed me that he has also obtained the source code for X-Agent Linux. [11]
If both a security company and a hacker collective have the X-Agent source code, then so do others, and attribution to APT28/Fancy Bear/GRU based solely upon the presumption of “exclusive use” must be thrown out.
This doesn’t mean that the Russian government may not choose to use it. In fact, Sean Townsend believes that the Russian security services DO use it but he also knows that they aren’t the only ones.
X-Agent Is In The Wild
Crowdstrike, along with FireEye and other cybersecurity companies, have long propagated the claim that Fancy Bear and all of its affiliated monikers (APT28, Sednit, Sofacy, Strontium, Tsar Team, Pawn Storm, etc.) were the exclusive developers and users of X-Agent. We now know that is false.
ESET was able to obtain the complete source code for X-Agent (aka Xagent) for the Linux OS with a compilation date of July 2015. [5]
A hacker known as RUH8 aka Sean Townsend with the Ukrainian Cyber Alliance has informed me that he has also obtained the source code for X-Agent Linux. [11]
If both a security company and a hacker collective have the X-Agent source code, then so do others, and attribution to APT28/Fancy Bear/GRU based solely upon the presumption of “exclusive use” must be thrown out.
This doesn’t mean that the Russian government may not choose to use it. In fact, Sean Townsend believes that the Russian security services DO use it but he also knows that they aren’t the only ones.
Those criticizing the #TrumpRussia investigation no doubt are partisan hacks (pun intended) who are not willing or able to deploy a bit of critical reasoning and/or more than willing to hide the results of simple reasoning to attempt to discredit the investigation. We can be certain the FBI is fully aware of all the above, and a logical conclusion of the use of this new information is that it is now likelier that the Trump campaign deployed the hackers themselves. The right-wing tweeters ignore this logic.
What I see going on currently in winger media is an attempt to turn Trump's Russian collusion investigation into an attack on Obama with false claims of political espionage, literally projecting the crimes of the 2016 election onto the party victimized by the crimes and to attack the person Trump hates even more than Hillary, President Obama. This is a concerted efforts spanning from Trump's tweets to Wikileaks and all sorts of fake news outlets and Twitter accounts, a complete media campaign to undermine the #TrumpRussia investigation. Expect this to include the Republicans involved in the House and Senate investigations.
Link to tweet
Link to tweet
3 replies
= new reply since forum marked as read
= new reply since forum marked as read
