Hackers accessed voter information from state websites and sent threatening emails



As the 2020 presidential election begins in the United States on the night of November 3, 2020, Japan time, there is increasing caution against hacking and the spread of misinformation related to the election. On October 27, the official site of the Trump presidential camp has been hacked 'This site has been seized' and

are displayed , but also has occurred damage such as, new, web site of the United States 10 states by hackers of Iranian Has been hacked and it has been revealed that voter information has been leaked.

Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data | CISA
https://us-cert.cisa.gov/ncas/alerts/aa20-304a



Iranian hackers probed election-related websites in 10 states, US officials say
https://www.cyberscoop.com/iran-election-hacking-state-websites-probe-fbi/

FBI: How Iranian hackers stole voter info from state election sites
https://www.bleepingcomputer.com/news/security/fbi-how-iranian-hackers-stole-voter-info-from-state-election-sites/

At the end of September 2020, it was revealed that an unidentified hacker visited websites in 10 states and regions in the United States and attempted to steal information about the website, voters, and authorities. According to Jermaine Roubak of the Department of Homeland Security's Department of Homeland Protection and Programs (CISA), hackers have successfully accessed the voter database after misconfiguration of their website in at least one state. Attempts to download voter information were made between September 29th and October 17th.



The attack was revealed when thousands of American voters were randomly sent threatening emails in the name of Trump supporters, spreading false information.

Although not all hackers attacking websites in 10 states are the same, there was some duplication of technical information such as IP addresses, IP ranges, and VPN exit nodes. The CISA and FBI are aware that the attackers are Iran's APT attack groups .

Authorities are reportedly in the process of checking the websites of the states targeted by the attack and fixing the problem areas. However, it has not been announced where the targeted states were. Authorities also stated that there was no evidence that the attack affected the voting process and that voting integrity was preserved.

in Security, Posted by darkhorse_log