November 03, 2017
The inside story of how the Russians hacked the Democrats’ emails

WASHINGTON—It was just before noon in Moscow on March 10, 2016, when the first volley of malicious messages hit the Hillary Clinton campaign.
The first 29 phishing emails were almost all misfires. Addressed to people who worked for Clinton during her first presidential run, the messages bounced back untouched.

Except one.
Within nine days, some of the campaign’s most consequential secrets would be in the hackers’ hands, part of a massive operation aimed at vacuuming up millions of messages from thousands of inboxes across the world.
An Associated Press investigation into the digital break-ins that disrupted the U.S. presidential contest has sketched out an anatomy of the hack that led to months of damaging disclosures about the Democratic Party’s nominee. It wasn’t just a few aides that the hackers went after; it was an all-out blitz across the Democratic Party. They tried to compromise Clinton’s inner circle and more than 130 party employees, supporters and contractors.
While U.S. intelligence agencies have concluded that Russia was behind the email thefts, the AP drew on forensic data to report Thursday that the hackers known as Fancy Bear were closely aligned with the interests of the Russian government.
The AP’s reconstruction— based on a database of 19,000 malicious links recently shared by cybersecurity firm Secureworks — shows how the hackers worked their way around the Clinton campaign’s top-of-the-line digital security to steal chairman John Podesta’s emails in March 2016.
It also helps explain how a Russian-linked intermediary could boast to a Trump policy adviser, a month later, that the Kremlin had “thousands of emails” worth of dirt on Clinton.

Phishing for victims
The rogue messages that first flew across the internet March 10 were dressed up to look like they came from Google, the company that provided the Clinton campaign’s email infrastructure. The messages urged users to boost their security or change their passwords while in fact steering them toward decoy websites designed to collect their credentials.
One of the first people targeted was Rahul Sreenivasan, who had worked as a Clinton organizer in Texas in 2008 — his first paid job in politics. Sreenivasan, now a legislative staffer in Austin, was dumbfounded when told by the AP that hackers had tried to break into rsreenivasan@hillaryclinton.com. He said the address had been dead for nearly a decade.
“They probably crawled the internet for this stuff,” he said.
Almost everyone else targeted in the initial wave was, like Sreenivasan, a 2008 staffer whose defunct email address had somehow lingered online.
But one email made its way to the account of another staffer who’d worked for Clinton in 2008 and joined again in 2016, the AP found. It’s possible the hackers broke in and stole her contacts; the data shows the phishing links sent to her were clicked several times.
Secureworks’ data reveals when phishing links were created and indicates whether they were clicked. But it doesn’t show whether people entered their passwords.

The inside story of how the Russians hacked the Democrats’ emails

Within hours of a second volley emailed March 11, the hackers hit pay dirt. All of a sudden, they were sending links aimed at senior Clinton officials’ nonpublic 2016 addresses, including those belonging to longtime Clinton aide Robert Russo and campaign chairman John Podesta.
The Clinton campaign was no easy target; several former employees said the organization put particular stress on digital safety.
Work emails were protected by two-factor authentication, a technique that uses a second passcode to keep accounts secure. Most messages were deleted after 30 days and staff went through phishing drills. Security awareness even followed the campaigners into the bathroom, where someone put a picture of a toothbrush under the words: “You shouldn’t share your passwords either.”
Two-factor authentication may have slowed the hackers, but it didn’t stop them. After repeated attempts to break into various staffers’ hillaryclinton.com accounts, the hackers turned to the personal Gmail addresses. It was there on March 19 that they targeted top Clinton lieutenants — including campaign manager Robby Mook, senior adviser Jake Sullivan and political fixer Philippe Reines.
A malicious link was generated for Podesta at 11:28 a.m. Moscow time, the AP found. Documents subsequently published by WikiLeaks show that the rogue email arrived in his inbox six minutes later. The link was clicked twice.
Podesta’s messages — at least 50,000 of them — were in the hackers’ hands.

A serious breach
Though the heart of the campaign was now compromised, the hacking efforts continued. Three new volleys of malicious messages were generated on the 22nd, 23rd and 25th of March, targeting communications director Jennifer Palmieri and Clinton confidante Huma Abedin, among others.
The torrent of phishing emails caught the attention of the FBI, which had spent the previous six months urging the Democratic National Committee in Washington to raise its shield against suspected Russian hacking. In late March, FBI agents paid a visit to Clinton’s Brooklyn headquarters, where they were received warily, given the agency’s investigation into the candidate’s use of a private email server while secretary of state.
The phishing messages also caught the attention of Secureworks, a subsidiary of Dell Technologies, which had been following Fancy Bear, whom Secureworks codenamed Iron Twilight.
Fancy Bear had made a critical mistake.
It fumbled a setting in the Bitly link-shortening service that it was using to sneak its emails past Google’s spam filter. The blunder exposed whom they were targeting.
It was late March when Secureworks discovered the hackers were going after Democrats.
“As soon as we started seeing some of those hillaryclinton.com email addresses coming through, the DNC email addresses, we realized it’s going to be an interesting twist to this,” said Rafe Pilling, a senior security researcher with Secureworks.
By early April Fancy Bear was getting increasingly aggressive, the AP found. More than 60 bogus emails were prepared for Clinton campaign and DNC staffers on April 6 alone, and the hackers began hunting for Democrats beyond New York and Washington, targeting the digital communications director for Pennsylvania Gov. Tom Wolf and a deputy director in the office of Chicago Mayor Rahm Emanuel.
The group’s hackers seemed particularly interested in Democratic officials working on voter registration issues: Pratt Wiley, the DNC’s then-director of voter protection, had been targeted as far back as October 2015 and the hackers tried to pry open his inbox as many as 15 times over six months.

The inside story of how the Russians hacked the Democrats’ emails

Employees at several organizations connected to the Democrats were targeted, including the Clinton Foundation, the Center for American Progress, technology provider NGP VAN, campaign strategy firm 270 Strategies, and partisan news outlet Shareblue Media.
As the hacking intensified, other elements swung into place. On April 12, 2016, someone paid $37 worth of bitcoin to the Romanian web hosting company THCServers.com, to reserve a website called Electionleaks.com, according to transaction records obtained by AP. A botched registration meant the site never got off the ground, but the records show THC received a nearly identical payment a week later to create DCLeaks.com.
By the second half of April, the DNC’s senior leadership was beginning to realize something was amiss. One DNC consultant, Alexandra Chalupa, received an April 20 warning from Yahoo saying her account was under threat from state-sponsored hackers, according to a screengrab she circulated among colleagues.
The Trump campaign had gotten a whiff of Clinton email hacking, too. According to recently unsealed court documents, former Trump foreign policy adviser George Papadopoulos said that it was at an April 26 meeting at a London hotel that he was told by a professor closely connected to the Russian government that the Kremlin had obtained compromising information about Clinton.
“They have dirt on her,” Papadopoulos said he was told. “They have thousands of emails.”
A few days later, Amy Dacey, then the DNC chief executive, got an urgent call.
There’d been a serious breach at the DNC.
Related Stories
Latest News
Top news around the world
Academy Awards

‘Oppenheimer’ Reigns at Oscars With Seven Wins, Including Best Picture and Director

Get the latest news about the 2024 Oscars, including nominations, winners, predictions and red carpet fashion at 96th Academy Awards

Around the World

Celebrity News

> Latest News in Media

Watch It
Ruby Franke’s Husband REVEALS Alleged Rules He Had to Follow at Home | E! News
March 28, 2024
_mU-3lE2QwI
#KenanThompson speaks out following the #QuietonSet documentary. (🎥: Tamron Hall Show) #shorts
March 28, 2024
8AGP-Gfw_Ek
King Charles Shares "Great Sadness" at Missing Royal Appearance | E! News
March 28, 2024
lyizFqf1kQY
Martha Reeves Walk of Fame Ceremony
March 27, 2024
QzyezumEPtQ
Eminem, 50 Cent & Snoop Dogg Present Dr. Dre with a Star on the Walk of Fame
March 19, 2024
4bNLs1hxVp8
Opening Remarks for the Variety Summit October 20th, 2023 Jay Penske
March 18, 2024
c6Z707iLq8E
Montell Jordan Dishes On Young MC Wedding, 'This Is How Date Night' Plans | TMZ
March 28, 2024
G3SMExj-qio
Davina Potratz Says TV Not Helping 'Selling Sunset' Relationship Woes | TMZ
March 28, 2024
D4piy4GNm4k
Logan Paul Rips Graham Bensinger Over Documentary, You Promised Apple TV+ | TMZ Live
March 28, 2024
NiSDpZhZklQ
Prince William pinned royal medal to Spice Girl Mel B’s boobs #shorts
March 28, 2024
O1cQ0UW9pco
Jennifer Garner shares ‘hard’ part of raising her and Ben Affleck’s kids
March 28, 2024
3Q7mZaVUdgc
50 Cent's ex Daphne Joy named as an alleged sex worker in Sean ‘Diddy’ Combs lawsuit #shorts
March 28, 2024
yhLFI8DG9rM
TV Schedule
Late Night Show
Watch the latest shows of U.S. top comedians

Sports

Latest sport results, news, videos, interviews and comments
Latest Events
28
Mar
CHAMPIONS LEAGUE: Playoffs - Women
PSG W - Hacken W
28
Mar
CHAMPIONS LEAGUE: Playoffs - Women
Barcelona W - SK Brann W
27
Mar
CHAMPIONS LEAGUE: Playoffs - Women
Chelsea W - Ajax W
27
Mar
CHAMPIONS LEAGUE: Playoffs - Women
Lyon W - SL Benfica W
17
Mar
SPAIN: La Liga
Atletico Madrid - Barcelona
17
Mar
ENGLAND: FA Cup
Manchester United - Liverpool
17
Mar
ITALY: Serie A
Inter Milan - Napoli
17
Mar
GERMANY: Bundesliga
Borussia Dortmund - Eintracht Frankfurt
17
Mar
ENGLAND: FA Cup
Chelsea - Leicester City
17
Mar
ITALY: Serie A
Roma - Sassuolo
17
Mar
ITALY: Serie A
Verona - AC Milan
17
Mar
ITALY: Serie A
Juventus - Genoa
16
Mar
GERMANY: Bundesliga
Darmstadt - Bayern Munich
16
Mar
ENGLAND: FA Cup
Manchester City - Newcastle United
16
Mar
ENGLAND: Premier League
Fulham - Tottenham Hotspur
16
Mar
SPAIN: La Liga
Osasuna - Real Madrid
13
Mar
CHAMPIONS LEAGUE: 1/8 Final
Atletico Madrid - Inter Milan
12
Mar
CHAMPIONS LEAGUE: 1/8 Final
Barcelona - Napoli
12
Mar
CHAMPIONS LEAGUE: 1/8 Final
Arsenal - Porto
Find us on Instagram
at @feedimo to stay up to date with the latest.
Featured Video You Might Like
zWJ3MxW_HWA L1eLanNeZKg i1XRgbyUtOo -g9Qziqbif8 0vmRhiLHE2U JFCZUoa6MYE UfN5PCF5EUo 2PV55f3-UAg W3y9zuI_F64 -7qCxIccihU pQ9gcOoH9R8 g5MRDEXRk4k
Copyright © 2020 Feedimo. All Rights Reserved.