*** Welcome to piglix ***

Podesta emails


In March 2016, the personal Gmail account of John Podesta, a former White House chief of staff and the chairman of Hillary Clinton's 2016 U.S. presidential campaign, was compromised in a data breach, and a collection of his emails, many of which were work-related, were stolen. Cybersecurity researchers as well as the United States government attributed responsibility for the breach, which was accomplished via a spear-phishing attack, to the hacking group Fancy Bear, affiliated with Russian intelligence services.

SecureWorks concluded Fancy Bear had sent Podesta an email on 19 March 2016 that had the appearance of a Google security alert, but actually contained a misleading link—a strategy known as spear-phishing. (This tactic has also been used by hackers to break into the accounts of other notable persons, such as Colin Powell). The link—which used Bitly, a URL shortening service—brought Podesta to a fake log-in page where he entered his Gmail credentials. The email was initially sent to the IT department as it was suspected of being a fake but was described as "legitimate" in an e-mail sent by a department employee, who later said he meant to write "illegitimate."

SecureWorks had tracked the activities of Fancy Bear for more than a year before the cyberattack, and in June 2016 had reported the group made use of malicious Bitly links and fake Google login pages to trick targets into divulging their passwords. However, as the New York Times reported: "The hackers made a critical error by leaving some of their Bitly accounts public, making it possible for SecureWorks to trace 9,000 of their links to nearly 4,000 Gmail accounts targeted between October 2015 and May 2016 with fake Google login pages and security alerts designed to trick users into turning over their passwords." Of this list of targeted accounts, more than one hundred were policy advisors to Clinton, or members of her presidential campaign, and by June, twenty staff members had clicked on the phishing links.


...
Wikipedia

...