Security expert for plaintiffs examined mirror image of server and found that a user account named "shellshock" was added to server Dec. 2, 2014. The user then patched the Shellshock vuln (common hacker behavior to keep other intruders out).
-
-
Prikaži ovu nit
-
It appears intruder may have altered the bash history file as well to erase some of his activity. The new info, coupled with previous problems with the server that I wrote about in 2017, raise important questions about the integrity of Georgia's elections.https://www.politico.com/magazine/story/2017/06/14/will-the-georgia-special-election-get-hacked-215255 …
Prikaži ovu nit -
From the security experts affidavit filed in Georgia court today:pic.twitter.com/GrKZtbdeGv
Prikaži ovu nit -
It's unclear if intruder was still in system in 2016 or if he/she altered data on server or placed malware to infect election officials who accessed it. This is unclear because Georgia never did forensic invest., even after security researcher told GA the server was not secure.
Prikaži ovu nit -
In any case, the Center for Election Systems, which owned and operated the vulnerable and potentially hacked server, was in charge of programming all of the state's voting machines before every election and distributing the state's voter registration database to counties.
Prikaži ovu nit -
An expert I spoke w/ for this story told me the evidence indicates that the breach was likely done thru an automated script that scanned the internet for any systems vulnerable to Shellshock, then created user account named "shellshock" on the server and automatically patched it.
Prikaži ovu nit
Kraj razgovora
Novi razgovor -
-
-
What was charming/disturbing: the hacker patched one of the vulns. It’s like a burglar doing the dishes and vacuuming before clearing out with the good silverware.
-
That’s not uncommon for them to do that. You don’t want to share a hacked machine with other hackers who might do something on the system that attracts attention and gets you both booted out
Kraj razgovora
Novi razgovor -
-
-
Wait drupalgeddon? Are you telling me that the election backend was written in Drupal framework?
-
It's not the backend system that tabulate votes and posts results. Those are handled by systems in each county. But it was a server owned/operated by entity that was responsible for programming all voting machines in GA. They insist they used a different system for programming.
- Još 1 odgovor
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.