The Month in Hacks: October 2016

Details emerge regarding how John Podesta's email was hacked and who was behind it, Russia deals with a breach of their own and a major DDoS attack temporarily causes frenzy across the internet. It's all this and more in The Month in Hacks.

Phishing Scam to Blame for Podesta Hack

A phishing scam is now being identified as the method used to hack Clinton Campaign Manager John Podesta's email, reported CNN on October 28. The phishing email was designed to appear to come from Google, and it is reported that “a closer look at the actual mailing address [showed] an unfamiliar or bogus-looking account: ‘'” It claimed someone in Ukraine had stolen Podesta's password. An email thread released by WikiLeaks shows that the campaign IT staff believed the message to be legitimate; however, they advised Podesta to update his credentials directly with Google. The Clinton campaign has not commented, but some security experts are speaking out again to connect Russia to the hack. SecureWorks “points to evidence that “Fancy Bear” -- the name of the cyberespionage group also believed to have carried out the allegedly Russia-led DNC hacks -- was involved in the Podesta thefts . . . [and] has linked the account used in the Podesta phishing attack to ‘Fancy Bear.'”

Email Hack of Top Putin Aide Reveals Secrets

On October 27, NBC News reported that a Ukrainian hacking group, Cyber Hunta, had released more than a gigabyte of emails and other office materials belonging to Vladimir Putin's top aide, Vladislav Surkov. The stolen emails reportedly reveal Moscow's close ties to the separatist movement in Ukraine. In response to the hack, “[o]ne U.S. official told NBC News that the material confirms much of what the U.S. believed was going on at the time, that the Kremlin was running the separatists at a micro-level.”

DDoS Attack Hits Entire Internet

Service at top websites, including Twitter, Spotify, Amazon, Reddit, Yelp, Netflix, and The New York Times, was affected by an internet-wide distributed denial of service (DDoS) attack, reported Forbes on October 21. Researchers at the security firm Flashpoint have found a Mirai botnet attacking Dyn, a major DNS (Domain Name Service) host. “A significant proportion of the DDoS attack traffic targeting Dyn is being sourced from compromised IoT devices participating in Mirai botnets,” says Roland Dobbins of Arbor Networks.

BuzzFeed and Business Insider Breached by Celeb Hackers

After BuzzFeed published a story alleging that the notorious celebrity hackers OurMine consisted of a single Saudi Arabian teenager, the group retaliated by targeting the site, reported WIRED on October 5. Several headlines on the news site were changed to “HACKED BY OURMINE.” One article was altered to read “Hacked by OurMine team, don't share fake news about us again, we have your database. Next time it will be public. Don't f*@k with OurMine again.”

BuzzFeed wasn't the only news organization hacked by OurMine. Business Insider reported on November 2 that OurMine had breached its U.S. site by posting, “[h]ey, don't worry we are just testing your security, we didn't change your password or anything.”

Weebly and Foursquare Linked to Mega Breaches

Millions of accounts have now been reported as being stolen in a February hack on tech giant Weebly, reported ZDNet on October 20. Usernames, email addresses, passwords, and IP addresses were stolen. The company notified customers and initiated password resets.

News came out at the same time that Foursquare was also attacked, with 22.5 million accounts stolen in a mega breach. Foursquare's spokesperson has, however, denied that there was a breach.

United Nations Nuclear Plant Hacked

The International Atomic Energy Agency confirmed that a UN nuclear plant was hacked several years ago, according to an October 11 report by ZDNet. The hackers also tried to steal uranium. The breach has been described as “disruptive” rather than destructive. “This issue of cyberattacks on nuclear-related facilities or activities should be taken very seriously. We never know if we know everything or if it's the tip of the iceberg,” said Agency director Yukiya Amano.
