
FBI, CISA and DHS reveal how Iranian hackers stole data from American voters

The FBI, the US Department of Homeland Security (DHS) and CISA have released a new advisory that provides more details on how Iranian hackers managed to steal voter registration information from the country's government sites, including election sites. The stolen voter data was then used to intimidate Democratic voters through e-mails that purported to come from the Proud Boys, in order to persuade them to vote for Trump. The efforts to collect voter information from election sites took place between September 29 and October 17.


According to the FBI, DHS and CISA, the Iranian hackers aimed to interfere in this year's US elections by taking advantage of known vulnerabilities, web shell uploads and structured query language (SQL) injection, as well as by exploiting flaws unique to the targeted sites.

In particular, the Iranian hackers first used the Acunetix vulnerability scanner to detect security vulnerabilities affecting the target sites, which later allowed them to exploit insecure servers. Through these attacks they were able to successfully download voter registration data for at least one US state, taking advantage of misconfigurations and vulnerabilities in the election sites.

To do this, they used scripts built around the "cURL" tool to iterate through voter registration records, automating access to the databases and the subsequent download of the data.
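The scanning and scripted record iteration described above leave traces in web server access logs. The following is an added detection example, not code from the advisory or from this article; it assumes Combined Log Format, and the path, parameter name, threshold and sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Combined Log Format (assumed): ip - - [time] "METHOD url PROTO" status size "referer" "user-agent"
LINE = re.compile(r'(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"')
TOOL_MARKERS = ("acunetix", "sqlmap", "curl/")  # matched case-insensitively in the User-Agent
ENUM_THRESHOLD = 5  # assumed: distinct record ids per client and path before flagging

def analyze(lines, threshold=ENUM_THRESHOLD):
    """Return {client_ip: sorted findings} for tool user agents and record enumeration."""
    findings = defaultdict(set)
    ids_seen = defaultdict(set)  # (ip, path, param) -> numeric values successfully fetched
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip unparseable lines rather than guessing at their fields
        ip, _method, url, status, agent = m.groups()
        for marker in TOOL_MARKERS:
            if marker in agent.lower():
                findings[ip].add("tool-user-agent:" + marker.rstrip("/"))
        if status != "200":
            continue  # only successful record fetches count towards enumeration
        parts = urlsplit(url)
        for name, value in parse_qsl(parts.query):
            if value.isdigit():
                ids_seen[(ip, parts.path, name)].add(int(value))
    for (ip, path, name), values in ids_seen.items():
        if len(values) >= threshold:
            findings[ip].add(f"enumeration:{path}?{name}= ({len(values)} distinct ids)")
    return {ip: sorted(f) for ip, f in findings.items()}

def _entry(ip, url, status, agent):
    return f'{ip} - - [10/Oct/2020:13:55:36 +0000] "GET {url} HTTP/1.1" {status} 512 "-" "{agent}"'

# Constructed sample: documentation-range IPs, hypothetical path and parameter name.
SAMPLE = (
    [_entry("203.0.113.7", f"/voter/lookup?record_id={n}", 200, "curl/7.68.0") for n in range(1000, 1008)]
    + [_entry("203.0.113.7", "/voter/lookup?record_id=1", 403, "sqlmap/1.4.9#stable (http://sqlmap.org)")]
    + [_entry("198.51.100.23", "/voter/lookup?record_id=4411", 200, "Mozilla/5.0 (Windows NT 10.0; Win64; x64)")]
)

if __name__ == "__main__":
    for ip, items in analyze(SAMPLE).items():
        print(ip, items)
```

The User-Agent header is set by the client and is easily changed, so the per-client count of distinct record ids is the more durable signal of the two.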


The FBI said in a statement issued a few days ago that many of the IP addresses used by the Iranian hackers in the fake Proud Boys email campaign came from the NordVPN service, and may also correspond to other VPN providers, including CDN77, HQSERV and M247.

During the investigation, the FBI also found evidence that the Iranian hackers searched for the following information during their efforts to scan and exploit election sites:

  • YOURLS exploitation
  • Bypass ModSecurity Web Application Firewall
  • Detect Web Application Firewalls
  • SQLmap Tool

As BleepingComputer points out, the FBI and CISA provide the following mitigation measures to prevent future attacks:

  • Apply updates and patches to systems and applications
  • Scan web applications for SQL injection and other common web vulnerabilities
  • Deploy a web application firewall
  • Deploy techniques to protect against web shells
  • Use multi-factor authentication (MFA) for administrator accounts
  • Remediate critical web application security risks

