FBI Seizes Control of Russian Botnet

The Daily Beast reports that the FBI has seized control of a key server in the Kremlin's global botnet of 500,000 hacked routers. "The move positions the bureau to build a comprehensive list of victims of the attack, and short-circuits Moscow's ability to reinfect its targets," writes Kevin Poulsen. From the report: The FBI counter-operation goes after "VPN Filter," a piece of sophisticated malware linked to the same Russian hacking group, known as Fancy Bear, that breached the Democratic National Committee and the Hillary Clinton campaign during the 2016 election. On Wednesday security researchers at Cisco and Symantec separately provided new details on the malware, which has turned up in 54 countries including the United States.

VPN Filter uses known vulnerabilities to infect home office routers made by Linksys, MikroTik, NETGEAR, and TP-Link. Once in place, the malware reports back to a command-and-control infrastructure that can install purpose-built plug-ins, according to the researchers. One plug-in lets the hackers eavesdrop on the victim's Internet traffic to steal website credentials; another targets a protocol used in industrial control networks, such as those in the electric grid. A third lets the attacker cripple any or all of the infected devices at will.

Trump is gonna be pissed.

[Anonymous Coward]

He'll shut this FBI operation down immediately. Putin is not going to be happy and the last thing Trump wants is an upset boss.

Re:

[Rei]

Come on, I don't think Russians - and especially Putin - find this whole situation funny [youtu.be].

Re:

[Anonymous Coward]

More interestingly, the Russian IP, the only factual piece of evidence, was for a VPN provider which kept logs. The owner said he was prepared to give the FBI whatever they wanted, but the FBI never asked.

Re:

[Boutzev]

Well, if you think about it one of the guys running Crowdstrike is "Dmitri Alperovitch". It's an Ukrainian name but I guess there are no conflicts of interests.

Re:Trump is gonna be pissed.

[PopeRatzo]

Did they ever release any actual evidence the Russians hacked the DNC?

Mueller's investigation has been almost entirely without leaks, but it was learned that Guccifer 2.0 did in fact slip up and failed to activate his VPN client and exposed himself as being a particular GRU officer who was working out of the agency’s headquarters on Grizodubovoy Street in Moscow. This is a fact that is now accepted across the political spectrum.

https://www.thedailybeast.com/... [thedailybeast.com]

https://townhall.com/tipsheet/... [townhall.com]

Even the sitting President's own lawyer, Rudy Giuliani, is now working from the talking points that say that the Russian interference in the election (including the hack) was a "gift" from Russia and so it's not collusion.

"Giuliani initially disputed the notion that Trump’s daily citing, in the final month of his campaign, of Russian-aligned WikiLeaks and its release of Russian-stolen emails constituted “colluding” with Russia.

“It is not,” Giuliani said.

Then he switched tacks.

“OK, and if it is, it isn’t illegal... It was sort of like a gift,” he said. “And you’re not involved in the illegality of getting it.”

Re:

[Impy the Impiuos Imp]

I'm happy with more countries begging NATO for admission, as safety against Russian militarism.

The only people Poland, Romania, and the Latvian countries want in them less than NATO are your bosses, the dictatorship Rooskies.

Re:

[Zocalo]

OK, and if it is, it isn’t illegal... It was sort of like a gift,” he said. “And you’re not involved in the illegality of getting it.”

OK, let's run with that. Since my job entails potential exposure to bribery (albeit EU based rather than US) I have to do ethics training every now and again, and I'm pretty damn sure that any non-trivial "gifts" need to be declared lest they fall foul of bribery legislation - bribes are not just monetary after all. Assuming that's similar to

Re:

[drinkypoo]

On past experience, Trump doesn't seem to suffer people who cause him problems gladly,

Except himself. He's caused himself all of these problems by getting into bed with Putin. He thought he was a big swinging dick, but Putin is showing him how it's really done. Trump might be able to game the corporate system, but he is way out of his depth in politics. He's used to finding someone to fleece by simply moving on from the people who can see through his lies, but he can't just move on now. He actually has to deal with where he is, and Trump doesn't know how to do that and never has. That's why

Re:

[ph1ll]

" it was learned that Guccifer 2.0 did in fact slip up and failed to activate his VPN client and exposed himself as being ... in Moscow. This is a fact that is now accepted across the political spectrum."

That's far from the consensus (see “Why would diabolically skilled Russian operatives operate so sloppily?” [theintercept.com]).

The evidence of Russian hacking is either circumstantial (for example that hackers kept Moscow office hours because as we all know, hackers are famous for their 9-to-5 routine). Or

Re:

[dunkelfalke]

The "Moscow office hours" evidence is especially ridiculous - Moscow's 9-to-5 is CEST 8-to-4, a perfectly typical office hour time here in Germany.

Cohen's payoff

[Anonymous Coward]

Cohens payoff to the Russian hackers also isn't verified....

Yet.

If FBI have Cohen surveillance data, then everyone from Trump, Hannity, that Prince, the GOP fundraiser (forget his name, the one who paid his GF to have an abortion), all of them are facing jail time.

If you don't understand how it worked, Cohen is a money launderer. He receives money people are not supposed to have (e.g. bribes, payoffs, tax dodging), and pays their bills with that money (e.g. hookers, bribes to others, property deal launderin

Re: Trump is gonna be pissed.

[Anonymous Coward]

Hence all the indictments and guilty pleas.

Re:

[Terry Carlino]

Guilty pleas for lying to the FBI about doing things that are not illegal. It works like this. I go to a movie while I'm suppose to be washing the car. Going to a movie is not illegal. The FBI comes up to me and says, "You know your wife says you were washing the car. Is that true?" You say, "Yes." You have just committed a felony. By the way the FBI never talked to your wife. he was lying. He's allowed to do that.

Re:

[Shotgun]

That is a bit controversial:

https://www.cnn.com/2018/05/21... [cnn.com]

Re:Trump is gonna be pissed.

[deathguppie]

The FBI does not release evidence regarding ongoing investigations. That's pretty much been a mainstay of law enforcement around the world, not just the FBI.

Re:

[Xenographic]

Is that why Comey gave his memos to his lawyer friend to give to the press and then they fought to avoid letting Congress see them?

Yes, but nothing worth mentioning

[Xenographic]

> Did they ever release any actual evidence the Russians hacked the DNC?

They released the CrowdStrike report [voanews.eu] which said they think it was a Russian APT based on various signatures, such as an old copy of Ukranian malware called P.A.S. and a bunch of tor exit nodes, which they presented but failed to identify. They later retracted some of their claims [voanews.com]. The DNC did not at any time turn over the affected servers to the FBI or anyone else, as one might expect for such a serious crime as was alleged.

Then th

Re:Yes, but nothing worth mentioning

[Dare nMc]

> The DNC did not at any time turn over the affected servers to the FBI or anyone else, as one might expect for such a serious crime as was alleged.

The DNC coordinated with the FBI and federal intelligence agencies and provided everything they requested, including copies of DNC servers," Watson said. She added that the copy contains the same information as the physical server. [politifact.com]

So it is technically correct the DNC didn't turn over the physical hardware, but they provided a image of everything on the servers. "Everything Requested."

Watergate under the bridge

[Xenographic]

There are a few tricks played in that article. One, it doesn't matter whether Podesta himself did or didn't deny anything, it actually matters what analysis the FBI did and whether the FBI got anything.

Two, the FBI relied on the CrowdStrike report and doesn't appear to have done any actual analysis of them. If they have HD images, it's weird that they don't just say so ("forensics" is rather vague, though it plausibly includes such) and it's sort of odd they didn't want to inspect the hardware for tamperi

Re:

[Dare nMc]

I get you want a conspiracy, so your trying to invent one. That article is not written about your post, it was about another false claim by the POTUS attacking Podesta, that is why Podesta is important, because the president falsely attacked him.

There are plenty of articles, and direct statements by Comey, that those Images were analyzed by the FBI, and did suffice. The DNC did contact FBI directly about the hacked server, and it was just another hack, until a year later the emails were used to attack our

Re:

[Xenographic]

> That article is not written about your post

You're now complaining that your own article is irrelevant because I used it against you? Then why the hell did you try to use it to counter my point when it actually supports it?

> There are plenty of articles, and direct statements by Comey, that those Images were analyzed by the FBI, and did suffice. The DNC did contact FBI directly about the hacked server, and it was just another hack, until a year later the emails were used to attack our democracy.

So c

Re:

[Dare nMc]

This [crowdstrike.com] is the guy the DNC hired for their server and worked with Comey. Everything else you posted about is just using your own "alternate Facts" to invent another conspiracy.

Re:

[Xenographic]

You previously said: "The DNC hired Cloudstrike, and thus the #3 guy in the FBI to directly investigate this interference" -- when you should have said CrowdStrike.

Now you finally name who you have in mind, something not listed in your prior source (Snopes), yet the new bio you now point to says he's a "a retired executive assistant director of the FBI" (emphasis added). His name does not appear on the report [voanews.eu], so you haven't even bothered to prove that much.

And even if he did, it wouldn't matter. That ST

Re:

[Dare nMc]

If you can read the bio of Alperovitch, CrowdStrike, and of Shawn Henry who were paid $60k to investigate this server, and your only take away is that Alperovitch was a Russian plant, their is just no helping someone so lacking in intelligence and so biased to even warrant any more facts. Seriously, try and find 3 better people in the whole world to better investigate this. SAD!!! Seriously, google some history on them, and you want to claim Alperovitch is a Russian plant???? Their is just no way to ov

Re:

[Xenographic]

You're putting words in my mouth. I just said it was 'funny'. You hallucinated everything else on your own and then started arguing with your own hallucination.

You've done nothing to refute the point that the feds don't give a damn about actually investigating this, because you're once again running down the tangent that 3rd parties were paid by the DNC. You point out that the DNC paid $60k for a 3rd party investigation, but hell, the FBI can spend $90k on a damned table [theconserv...ehouse.com], so you're once again are undercu

Re:

[Dare nMc]

Becuase you have no evidence, other than what you want to believe. You got the 3 most qualified people in the WORLD to investigate this, who did investigate it. You got the director of the FBI at the time who said they got everything they requested, you got a FBI, CIA, NSA, senate who says the Russians did this. You got a special prosecutor who has indicted 20 people and Guilty pleas by 4 high level campaign guilty pleas related to Russia, and a ongoing investigation still. But OMG I got a letter from s

Re:

[Xenographic]

> Becuase you have no evidence, other than what you want to believe.

The shoe is on the other foot. I'm asking for evidence the feds (NOT 3rd parties) have done a serious investigation here and what evidence THEY have other than their say-so. It's ironic that, so far, I'm the only one to list any of their evidence at all and that I can remember it off the top of my head because it's a very short list for what should be a serious, federal investigation (not a 3rd party report).

> You got the 3 most qua

Re:

[Xenographic]

You're playing another one yourself. I don't care if they did as they were asked. I care if they made a serious attempt to actually investigate this. You're arguing an irrelevant point that I'm not making.

You might think that something like a nation state attacking our democracy would be somehow important. That people would seriously do everything in their power to go over every detail.

Yet somehow they act as if they don't give a damn about looking at the evidence. Why is that? It's funny that they ju

Re:

[JustAnotherOldGuy]

Did they ever release any actual evidence the Russians hacked the DNC?

Yes. Try to keep up.

Dutch hacked Cozy Bear security camera

[UpnAtom]

So the NSA knew a lot about them and their deep links to the FSB.

https://arstechnica.com/inform... [arstechnica.com]

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[fafalone]

Trump isn't stupid enough to...

There's nothing you can end that sentence with that would be true.

Makes no sense

[SuperKendall]

You think *Trump* will be pissed about a botnet being offline? Why exactly?

Even if you believe the line being peddled Trump and the Russians had any connection (long since disproven by Trumps antagonizing moves towards Russia, if you really want something interesting look to Trump and China...) remember it wasn't any bot net that got into the DNC, it was phishing and social engineering [ycombinator.com]...

Re:

[Joce640k]

Here's a nickel. Get yourself a proper keyboard,

Re:

[JustAnotherOldGuy]

Oh you poor, poor baby. Life is so hard. Do you need a hug, cupcake?

I'm safe

[I4ko]

I have a home home router not a home office router. My home office is connected via a hub to the intenets.

Re:I'm safe

[Rei]

I think Fancy Bear comes in through the data pipes, so you'll need a firewall to stop them. Which I think means you have to get firewire first? I've been thinking about having the IT out to install it, I already have a propane tank so it shouldn't cost too much? I shut my computer off at night but I know that a really good hacker could just turn it back on and get in.

Re: Lock Him Up!

[Anonymous Coward]

The FBI gets caught with orders from Obama to spy on Trump and you come to this conclusion? Your deduction skills are something to behold!

Re: Lock Him Up!

[JustAnotherOldGuy]

The claim (by Donald Trump and others) is that Hillary Clinton approved a deal giving a Russian company named "Rosatom" 20 percent of our uranium.

But that's not true. The Clinton State Department had no power to veto or approve the Rosatom transaction, AKA "Uranium One". It could do neither. Here’s how it does work.

Uranium One is the name of a South Africa-based mining company.

Back in 2007 it merged with "Urasia Energy" based in Canada. And in 2010 the mining arm of the Russian nuclear agency Rosatom, bought controlling interest in the company. Among other places, that mining company had operations in Wyoming that amounted to what the Nuclear Regulatory Commissions or the NRC said was at the time was about 20% uranium production capacity in the U.S.

By law, when a foreign company wants to buy ANYTHING with potential national security implications, an interagency committee of the federal government must approve it. The committee was given a broad mandate under President Reagan to advise the president on foreign investment transactions.

That committee is called CFIUS (Committee on Foreign Investment in the United States). It includes nine department heads. The Secretary of the Treasury is the chair person. The rest are the Departments of Justice, Homeland Security, Commerce, Defense, State and Energy, plus the Office of U.S. Trade Representative, and the Office of Science and Technology Policy. That’s CFIUS. The nine department heads all approved the sale of Uranium One.

It was unanimous - not a Hillary Clinton approval.

Also, the State Department wasn't even represented by Hillary Clinton at CIFUS. The Assistant Secretary of State, Jose Fernando, represented the State Department on CFIUS, not Hillary Clinton. And Jose Fernando stated that Clinton never intervened.

Further, neither Secretary Clinton nor the committee as a whole could stop any deal of this kind, even if they wanted to.

The committee members evaluate the sale of anything potentially related to national security.

By law, if just one member objects, the president and only the president can veto such a transaction. No committee member of the nine objected.

The whole "Uranium One" accusation is predicated on the charge that "Secretary Clinton approved the sale". She did not, and more to the point, she couldn't because the as Secretary of State, she didn't have the power to do that.

This whole "Clinton gave away our uranium" thing is just plain bullshit.

Go ahead, think whatever you like. Don't take my word for it. These are the facts and you can verify all of them by spending a minute or two on Google.

Re:

[clovis]

Thank you.

Re:

[JustAnotherOldGuy]

You're welcome.

This is getting ridiculous

[NicknameUnavailable]

Actually, it was already ridiculous, but the idea they are saying they seized a botnet infected wifi router in the fight against Trump is just fucking absurd.

Re:

[Rei]

Who is saying that this botnet seizure is part of a fight against Trump?

what's the score?

[Phantom of the Opera]

5 guilty pleas, 17 indictments of people close to Trump?

Re:

[Xenographic]

It's weird that you count guilty pleas of someone who was working for Podesta's firm at the time. You remember Hillary's campaign manager and his brother, right?

Of course, the firm itself was somehow allowed to retroactively file a FARA registration instead of being charged. Funny that...

And a bunch of the indictments are for people in Russia they didn't expect to show up. Some of the companies have sent lawyers to fight the charges and have demanded their right to a speedy trial. So, let's wait and see

Re:

[Phantom of the Opera]

What makes you think the Russian's wouldn't try to buy both sides?

Fee Chechnya and Dagastan.
Arrest Putin, the Criminal responsible for plundering Russia!

Re:

[Phantom of the Opera]

So Mueller, a conservative Republican appointed by a conservative Republican, is somehow involved in conspiracies of the infowars credibility level.

Flynn's flipped and is tattling about all the naughty things that Trump & co have been up to.

Fee Chechnya and Dagastan.
Arrest Putin, the Criminal responsible for plundering Russia!

Re:

[Xenographic]

Well they can just have fun with the Hatch Act, then.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Zontar The Mindless]

You did not answer Rei's question: Who is making such claims?

free Chechnya and Dagestan

[Phantom of the Opera]

And arrest the criminal Putin.
I wonder if the Russian trolls get in trouble for talking to people that call for Chechnya to be free.

Trump keeps screwing off the FBI

[rsilvergun]

they're gonna do what they can to push back. The FBI is not run by idiots, even if the rest of the country is.

If Trump did nothing wrong

[Phantom of the Opera]

He should have nothing to fear.

Re:

[NicknameUnavailable]

Are you forgetting that Obama had Michael Hastings killed for investigating corruption as a mere journalist? Trump is trying to stop corruption in every branch and department of the government at once, along with the DNC. The DNC is running on the platform that they'll impeach him without cause if they win in the fall. He has nothing to fear if he wins, in which case he'll likely go down in history as one of America's greatest presidents. He has lots to fear if he loses, in which case his family will pr

Re:

[Phantom of the Opera]

Booooga Boooga!

Free Chencnya and Dagastan?

Re:

[Phantom of the Opera]

The DNC should also be investigated, sure, but Trump's money laundering is a pretty serious offense.

Fucking Big Idiots what?

[drinkypoo]

The FBI is not known for its stunning competence [ranker.com].

Re:

[oh_my_080980980]

You mean the FBI agent that texted his lover that they were going to take the down the President because they didn't like him was not an idiot? Wow.

Conservatives are like Captain Ahab

[Anonymous Coward]

Captain Ahab was so utterly consumed by hate that he was ready to lose everything, his ship, his crew, his own life, just as long as he killed Moby-Dick.

Similarly, conservatives are so completely and utterly infused and consumed by their hatred of liberals that they are ready to sacrifice everything, their country, their family, the future of their planet and their children, for every opportunity to piss-off and otherwise hurt that damn liberal white whale.

Re: Conservatives are like Captain Ahab

[Anonymous Coward]

Same goes for liberals. Everyone has lost their marbles.

Re:

[Anonymous Coward]

Liberals? Nah. Sure, there are some left-wing extremists, similar to the right-wing extremists. There is a pretty significant difference, though. The left-wing extremists are fewer in number, are marginalized by the Democratic party, and have little actual power. The right-wing extremists are significant in number, run the Republican party, and hold many high offices, including the Speakership of the House, Senate Majority leadership, and the Presidency.

So, while there are parallels in kind, there i

Re:

[Terry Carlino]

I think you have it reverse. As Greg Gutfeld is fond of saying, "The difference between Liberals an Conservatives is that Conservatives think that Liberals are wrong, and Liberals think Conservatives are Evil." When your opponent is evil you can justify any action you take against them, including scurrilous personal attacks based on nothing and subversion of the democratic process and the law. As we have seen with the FBI, the DNC and all.

Re:

[Green Mountain Bot]

Greg Gutfeld is willfully ignorant if he thinks conservatives don't think liberals are evil.

Re:

[Anonymous Coward]

No, the parent poster is correct. You can literally look at any conservative media and you will hear them screaming and crying about how "evil" liberals are, while liberals just shake their heads and find facts. This is also why you see the majority of conservatives on the internet openly wishing for a civil war so they can finally have an excuse to go on the killing sprees they fantasize openly about.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[eaglesrule]

If you question the narrative, you're unpatriotic and a pawn of the enemy.

Where the fuck have I heard this before. Oh that's right, just before we went to war with Iraq.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[eaglesrule]

Well, that escalated quickly.

Yeah, let's go to war with a nuclear power, based only on the word of TLA 'assessments' and the filthy liars at the DNC and their paid consultants Crowdstrike. If James Clapper says so, it must be true.

Holy fucking hell that is some Jonestown level kool-aid. Is that what we can expect from media matters and shareblue trolls now?

Re:

[Phantom of the Opera]

Russia prefers chaos.
China prefers order.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Phantom of the Opera]

China prefers predictability.

Fancy Bear did what?

[AHuxley]

The political documents walked out. They did not get moved out by a "network".
"Former NSA experts say it wasn’t a hack at all, but a leak" (Aug 9, 2017)
https://www.thenation.com/arti... [thenation.com]
"... demonstrating that 23 MB/s is a typical transfer rate when using a USB–2 flash device (thumb drive).”"

Re:

[gweihir]

Naaa, cannot be. This does not fit the political narrative, so it must obviously be untrue. Lets see what the liar-in-chief tweets about it, then we will know what to believe!

Re:

[AHuxley]

Its a Pentagon papers like walk out due to domestic US politics.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[oh_my_080980980]

What discredited evidence? The existing forensic evidence supports the DNC "hack" was an inside job. There has been NO independently verified evidence presented to support a hack. The FBI was not allowed to examine the servers! All we have is an OPINION (that's what an assessment is) by the US government by a bunch of hand picked analysts - that goes against standard operating procedures - and the ravings of a candidate that lost an election.

You can fuck off now.

..and we don't have something like it?

[thexfile]

Get control of the latest hacked Photoshop. :-\

The group that hacked the DNC Really?

[Anonymous Coward]

Last time I checked, Debbie Wasserman Schultz refused to hand over the hacked server to the FBI. They instead asked CloudStrike to look it over and do an analysis. Further, the speed at which the e-mails were removed from the server could only have been accomplished with directly attached storage (USB attached flash drive is the current best guess)... Then The e-mails started being published by WikiLeaks. After Seth Rich died in the non-robbery, Julianne Assange has put all kinds of message out about th

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[oh_my_080980980]

Real tech people know you need to examine the original server to determine if it was hacked.

Real tech people know bull shit is happening when the FBI was denied access to the DNC mail servers but had complete access to Jennifer Lawrence's cell phone when it was hacked.

And you wonder why most people in America know the Media Matter trolls are spouting bull shit.

Fuck off David Brock

Re:

[eaglesrule]

1. Chain of custody, understand what it is and why it's important.

2. Continuing to use a server for handling sensitive information even after it is known or suspected of being compromised, and using convenience as an excuse is stupid. To compound it by making it an excuse to also not turn evidence over to law enforcement is beyond stupid.

"Trust us" when there is no credibility is evidence that only a fool would believe.