A hacking scheme targeting the Democratic National Committee was discovered and shut down on Tuesday, two years after Russian hackers infiltrated the DNC in the lead up to the 2016 U.S. presidential elections.
Unidentified hackers had spoofed a login page for VoteBuilder, the party’s voter data website, in a bid to trick victims into revealing personal information including usernames and passwords through phishing, researchers from cybersecurity firm Lookout discovered this week.
VoteBuilder is frequently accessed by campaign managers and state parties in the space. The spoofed page asked users to enter their credentials. When successful, the phishing attempt would enable hackers to gain unauthorized access to campaign computers. Cybersecurity firm Lookout and cloud service company DigitalOcean have notified the DNC, warning them of the fake login page which has since been taken down.
“No bad actors were able to access VoteBuilder or change or delete any of our voter file information,” said the Democratic official, speaking to Reuters. “We believe that this was the beginning of a sophisticated attempt to hack into our voter file and we are treating it as such.”
A Lookout security researcher stressed the scam did not fool anyone into entering their credentials as the page was quickly taken down. He further added that the owner registry information used to launch the spoof website was obfuscated.
The attempt draws parallels to Russian hackers infiltrating the DNC during the US presidential elections, as recent indictments filed against 12 Russian agents revealed.
DNC chief security officer Bob Lord added damningly in a statement:
This attempt is further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks
The DNC has reported the incident to the Federal Bureau of Investigation (FBI) on Tuesday.
Image credit: Pexels.