Beware of Phishing emails - how Podesta's account got hacked.

[zapta]

Wikileaks released recently hacked emails from Podesta's account (a political operative that is involved in the current election cycle). Some of the hacked email provide insight on how the account was breached. The user got a phishing email asking him to enter a new password and due to miscommunication with the local IT guy the user clicked on the URL in the phishing account rather than on the correct password changing URL the IT guy provided.

Conclusion, don't trust URLs you didn't found yourself from trusted sources. Same goes for phone number and unsolicited calls.

http://thesmokinggun.com/file/podesta-gmail-hack

http://www.thesmokinggun.com/documents/crime/how-john-podesta-got-hacked-839125

[vodka]

Simply i see that new as form of exculpate to the useless and the incompetence Podesta by passing as IT ignorant .

That are the main characteristics of the good boss: plug-in,useless ,incompetent.

Now , you image if a normal worker or subordinate succes this and the crackers access a confidential documents for Democratic Party.

Automatically, the worker is fired and he has a black stain on his CV during all labour life.


 

[Delta]

From reading the second link, it sounds like it was the IT guys fault.

Quote from the article (emphasis mine)

After the e-mail arrived in Podesta’s account, it appears that his chief of staff, Sara Latham, sought guidance from an IT worker with the Clinton campaign. After examining the “Someone has your password” e-mail, staffer Charles Delavan (seen at left) mistakenly assured Latham and Shane Hable, the campaign’s chief information officer, that, “This is a legitimate email. John needs to change his password immediately, and ensure that two-factor authorization is turned on his account.”

The IT specialist told him that the email he received had received was genuine.  Why wouldn't he then go ahead and click the link contained therein?

[zapta]

The IT guy also send them the correct URL for changing password but they clicked anyway on the phishing link.

[wraper]

The IT guy also send them the correct URL for changing password but they clicked anyway on the phishing link.

As I understand it, that email form "IT guy" with "proper link" was part of the phishing attack.

[Delta]

The IT guy also send them the correct URL for changing password but they clicked anyway on the phishing link.

Yes, but the IT guy said that the phishing email was a genuine email... 

If you're a "non-computer person", and an expert tells you that a certain email is genuine, it's only fair to follow the link in that email...

[zapta]

The IT guy also send them the correct URL for changing password but they clicked anyway on the phishing link.

Yes, but the IT guy said that the phishing email was a genuine email... 

If you're a "non-computer person", and an expert tells you that a certain email is genuine, it's only fair to follow the link in that email...

Good point.

[jonovid]

nuke 38.907192  -77.036871 or drain the swamp, problem solved 

[dannyf]

A couple observations:

1. The Russians didn't do it.
2. You cannot rule out the possibility that the it guy is phishing podesta here. Would it surprise you if the it guy soon commits his suicide by shooting himself twice in the back of his head?

The whole fiasco shows Hollywood's damage: those people seem to think that if you hammer your phones, your emails are gone. They must have watched too many Hollywood movies where they destroy comouters and information within by smashing the screens.

[zapta]

nuke 38.907192  -77.036871 or drain the swamp, problem solved 

Working on it, the swamp drainage part.

[zapta]

1. The Russians didn't do it.

Yes, it was a 181.437KG hacker sitting on his bed.

[wraper]

1. The Russians didn't do it.

Yes, it was a 181.437KG hacker sitting on his bed

But claiming it was (official) Russia it fearmongering at it's best, nothing else. There is zero evidence, and, the most of all, those claims were made instantly with zero backing. Evidence couldn't be obtained that fast, yet any serious evidence. Like that was Russian IP, must be Russian government  . The only purpose of blaming Russia, is moving public attention from the real issue (email contents) to something else - those damn Russians, how could they dare  .

[Red Squirrel]

It's crazy to think that such a high profile account got hacked because of something which is basically rudimentry social engineering.   I would have pictured something much more advanced like someone managed to find a 0-day exploit in the mail server software or something and was able to send a special packet that got them the ability to remotely execute code that could then start to transfer data to their servers or something.  Basically something sophisticated.  But to think all this went down because of an idiot clicking a bad link.     You'd think people would know this by now.  Especially ones working in high profile positions of government.

Either way, this has lead to lot of juicy information being released on Wikileaks.   

[dannyf]

it wouldn't surprise me the least bit if the leaks turn out to be insider jobs.

[helius]

1. The Russians didn't do it.

Yes, it was a 181.437KG hacker sitting on his bed.

That sounds funny, but the original Guccifer really was a nobody working alone (his weight I don't know). He wasn't even a hacker, just someone with a lot of patience for guessing passwords.

Not only should you never click on links in emails, you should never use a graphical program to read your email, since image files can also be infected. And the "security questions" that sites like eBay use are the polar opposite of security: as designed, they are factual data about you that can be guessed by anyone that knows who you are. Guccifer specialized in using "security questions" to get access to his targets' accounts. If a site forces you to input "security questions", then regard them as just another password that must be chosen randomly and stored in your database.

[zapta]

it wouldn't surprise me the least bit if the leaks turn out to be insider jobs.

Like this one?  http://www.nbcwashington.com/news/local/Man-Shot-Killed-in-Northwest-DC-386316391.html 

The nationality of the hackers is orthogonal to the severity of the expose content. Wikileaks has in general very good track record of accuracy.

Not only should you never click on links in emails, you should never use a graphical program to read your email, since image files can also be infected. And the "security questions" that sites like eBay use are the polar opposite of security: as designed, they are factual data about you that can be guessed by anyone that knows who you are. Guccifer specialized in using "security questions" to get access to his targets' accounts. If a site forces you to input "security questions", then regard them as just another password that must be chosen randomly and stored in your database.

I presume that a second factor would solve that. With a second factor even if the hackers get the password through the fake form, they still don't have the second factor.  Anyone  here uses a security key like this one to authenticate?  https://www.yubico.com/products/yubikey-hardware/yubikey-neo/

[wraper]

it wouldn't surprise me the least bit if the leaks turn out to be insider jobs.

Like this one?  http://www.nbcwashington.com/news/local/Man-Shot-Killed-in-Northwest-DC-386316391.html 

Excuse me, but what this has to do with hacking, elections, or insider job? 

[zapta]

it wouldn't surprise me the least bit if the leaks turn out to be insider jobs.

Like this one?  http://www.nbcwashington.com/news/local/Man-Shot-Killed-in-Northwest-DC-386316391.html 

Excuse me, but what this has to do with hacking, elections, or insider job? 

This:

[zapta]

nuke 38.907192  -77.036871 or drain the swamp, problem solved 

Working on it, the swamp drainage part.

Stage 1 completed.

[helius]

The Russian attribution was never supported by any evidence that the open community could validate. The last time "all the intelligence agencies" agreed on something it related to yellowcake and aluminum tubes—we know how well that played out.
This WNYC show delves into the misrepresentations that the mass media commonly have about Russia topics (note that it is very far from a conservative program). It's interesting to speculate about why MSM coverage is so biased, but it may simply be the Murray Gell-Mann Amnesia Effect talking.