An attempt has just been made, once again, to hack the Democratic National Committee. This time, the target: the Democratic Party’s voter database.
CNN is reporting that on Tuesday, the DNC reached out to the FBI to inform them of the attempted hack after a cybersecurity firm discovered a website that faked the look of VoteBuilder, the party’s voter database login page.
The cybersecurity firm that first found the fake page, Lookout, does not work for the DNC, but itimmediately reached out to the party upon discovering the hacking attempt.
In a statement provided to Mashable by Lookout, the firm explained how its “phishing AI detection discovered a domain with a custom phishing kit deployed on DigitalOcean,” which is a web hosting provider. “After notifying the hosting provider the phishing site was then taken down by DigitalOcean within hours.” In addition to reach out to the DigitalOcean and the DNC, Mike Murray, Lookout’s VP of Security Intelligence, also contacted NGP VAN, the Democratic Party’s tech provider which operates the VoteBuilder website.
CNN’s Democratic source believes that this hacking attempt was unsuccessful.
These sorts of attacks, known as spear phishing, have previously been deployed against the DNC. The now infamous DNC emails of the 2016 election were obtained via a phishing campaign targeting Democratic staffers. These operations work by mimicking the design of the actual login page of whatever service its targets use which the hacker wants to access. With spear phishing, hackers can easily reach multiple targets and increase their chances of just one staffer mistaking a fake login page for the real thing and providing the hacker with their username and password.
Russia’s intelligence agency was behind the 2016 DNC email hack, as we now know through special counsel Robert Mueller’s indictments against 12 Russian intelligence officers earlier last month.
Microsoft had recently announced two separate incidents where they seized domains used in unsuccessful spear phishing operations via court order. Those attempts, which were also linked to Russia, targeted vulnerable Congressional Democrats as well as conservative think tanks critical of Moscow.
So far, it’s unknown who’s behind this attempt against the Democrat’s voter database.