Additional researchers have been able to corroborate previous claims by security firm CrowdStrike that Russia really did hack the Democratic National Committee:
Describing themselves as a “lone hacker,” Guccifer 2.0 wrote in a blog post: “Worldwide known cyber security company CrowdStrike announced that the Democratic National Committee (DNC) servers had been hacked by ‘sophisticated’ hacker groups. I’m very pleased the company appreciated my skills so highly))) But in fact, it was easy, very easy.”
However, security firms aren’t buying it. Some suggest this is a deliberate “disinformation campaign” to deflect blame away from Russian spy agencies.
Security researchers at Fidelis took a look at the DNC malware, and in a blog post published on Monday they say CrowdStrike is correct. “Based on our comparative analysis we agree with CrowdStrike and believe that the COZY BEAR and FANCY BEAR APT groups were involved in successful intrusions at the DNC. The malware samples contain data and programming elements that are similar to malware that we have encountered in past incident response investigations and are linked to similar threat actors.”
(Cozy Bear and Fancy Bear are alternate names for the Russian government-affiliated hacking groups.)
Likewise, a researcher at security firm Mandiant told The Washington Post “that the malware and associated servers are consistent with those” that have been used before by the groups.
No surprises whatsoever. Russia is very sophisticated, and the type of information they exfiltrated from the DNC could be quite valuable to their leadership should Trump be elected President.