Wednesday, September 14, 2016

DC Leaks


DC Leaks is an American-based project from self-described hacktivists. They analyze and release emails from prominent officials and their influence agents worldwide. ThreatConnect identified DCLeaks as another Russian-backed influence outlet, part of a pattern of hacking connected to Russia.

*Tags
  • Hacking
  • Russian suspects

*Reference

DCleaks - Wikipedia, the free encyclopedia
https://en.wikipedia.org/wiki/DCleaks
Wikipedia: DCleaks is a project from self-described hacktivists which analyzes and releases emails from prominent officials and their influence agents worldwide.

ThreatConnect Identifies DCLeaks As Another Russian-backed Influence Outlet
https://www.threatconnect.com/blog/does-a-bear-leak-in-the-woods/
Aug 12, 2016

Read the full series of ThreatConnect posts following the DNC Breach: “Rebooting Watergate: Tapping into the Democratic National Committee”, “Shiny Object? Guccifer 2.0 and the DNC Breach”, “What’s in a Name Server?”, “Guccifer 2.0: the Man, the Myth, the Legend?”, “Guccifer 2.0: All Roads Lead to Russia”, “FANCY BEAR Has an (IT) Itch that They Can’t Scratch”, “Does a BEAR Leak in the Woods?”, “Russian Cyber Operations on Steroids”, and “Can a BEAR Fit Down a Rabbit Hole?”

Over the last month and a half, ThreatConnect has authored a number of blog posts pulling at strands of a nebulous Russian spiderweb of malicious infrastructure – one data point at a time. Along the way, we’ve built off of the work other researchers have done and have engaged with a handful of journalists who are eager to get to the bottom of the story. We assess the Guccifer 2.0 persona that surfaced after the DNC breach was announced in June is a Russian creation to maximize the impact of strategic leaks.

But it looks like we missed something called DCLeaks, another outlet for leaked material. We believe DCLeaks is another Russian-backed influence outlet based on the following:
  • Guccifer 2.0’s use of DCLeaks to share purloined emails from a Hillary Clinton campaign staffer with journalists
  • DCLeaks hosting a portfolio of leaked emails belonging to Billy Rinehart Jr. — a former development manager at the United Nations Foundation and regional field director for the DNC — whose email account was breached in the same manner as a known FANCY BEAR attack method
  • DCLeaks’ registration and hosting information aligns with other FANCY BEAR activities and known tactics, techniques, and procedures


For more on this, see today’s article from The Smoking Gun detailing DC Leaks.

DCLeaks Background

DCLeaks was established in mid-2016 and initially garnered some publicity for releasing a series of emails from retired Air Force General Philip Breedlove, who in his last position was the commander of U.S. European Command and NATO forces. In this role as the most senior U.S. military official responsible for Russia, General Breedlove advocated for a more muscular response to Russian aggression in Ukraine and the leaked emails detail internal lobbying pertaining to the Obama Administration’s policy. (snip)


Summary of Analysis

We assess that DCLeaks is another Russian influence operation, possibly put on by the same Russian actors behind the Guccifer 2.0 persona. We base this assessment on the following circumstantial findings:
  • DCLeaks has posted content from General Breedlove that was germane to Russian military intervention in Ukraine.
  • Guccifer 2.0 has not publicly mentioned or promoted DCLeaks. Only in private communications with TSG does Guccifer 2.0 reveal prior knowledge of DCLeaks.
  • Guccifer 2.0 is the first known entity to have prior knowledge of and privileged access to exclusive content (Sarah Hamilton Emails) on the DCLeaks webpage before it was publicly available.
  • Guccifer 2.0 claimed that DCLeaks is a Wikileaks subproject where there is no public evidence of any formal or informal relationships between DCLeaks and Wikileaks.
  • FANCY BEAR activity targeting Billy Rinehart in March 2016 most likely resulted in his emails being posted to DCLeaks.
  • DCLeaks’ website was registered by an individual using a 1&1 webmail provider (europe[.]com), which is consistent with previously identified FANCY BEAR TTPs.
  • DCLeaks’ domain was registered through an obscure Romanian registrar whose small name servers have been associated with other FANCY BEAR activity.

Additional information that would help us reevaluate our assessment and our confidence in it includes the following:
  • Information indicating whether the other individuals in DCLeaks’ portfolio were also targeted by FANCY BEAR.
  • Information indicating whether Billy Rinehart had been targeted and compromised by any other actors.
  • Information indicating whether individuals other than those behind Guccifer 2.0 can authorize access to protected content on the site.

Conclusion

*Wikipedia
9/14/2016

DCleaks
From Wikipedia, the free encyclopedia

DCleaks is a project from self-described hacktivists which analyzes and releases emails from prominent officials and their influence agents worldwide.

Nationality

DCleaks claimed to be Americans and citizens of the United States.[1]

Contrary to the claim above, ThreatConnect, a group of cybersecurity researchers, claimed that the DCleaks.com website, with its "spiffy capitol-dome logo", shows the marks of Russian intelligence.[2][3][4][5]

Motivation

The self-described American hacktivists claim to be motivated by "freedom of speech, human rights, and government of the people".[6]

History

On April 19, 2016 the domain name DCleaks.com was created.[7]

In June 2016 the DCleaks.com website was launched.[8]

Leaks

On June 14, 2016 the press reported that the DNC had been breached for nearly a year, with one intrusion dating from the summer of 2015 and the other from April 2016, and that it had knocked the attacker out of its network during the weekend of June 11 and 12, 2016.[9]

On July 1, 2016 DCleaks released emails about four-star General Philip Breedlove, who was until recently the NATO supreme commander in Europe. Those emails allegedly show that Breedlove plotted in private to overcome President Barack Obama’s reluctance to escalate military tensions with Russia over the war in Ukraine in 2014.[10][11]

On August 12, 2016 DCleaks released roughly 300 emails from Republican targets, including the 2016 campaign staffs for Republican Senator John McCain and for 2016 presidential candidate and Republican Senator Lindsey Graham, as well as 2012 presidential candidate and Republican politician Michele Bachmann.[8]

On August 12, 2016 DCleaks released information about more than 200 Democratic lawmakers, including their personal cellphone numbers.[5]

On August 15, 2016 DCleaks released 2,576 files related to George Soros' various organizations, predominantly his Open Society Foundation, including the Foundation's internal work plans, strategies, priorities and other worldwide activities by the billionaire Soros.[2][12][13][14][15]

See also

2016 Democratic National Committee email leak
Guccifer 2.0
Hacker
Hillary Clinton controversies
Whistleblower

References

  1. Uchill, Joe (2016-08-12). "Report: Russia tried to start own WikiLeaks". thehill.com. The Hill (newspaper). Retrieved 2016-08-30.
  2. Riley, Michael (2016-08-11). "Russian Hackers of DNC Said to Nab Secrets From NATO, Soros". Bloomberg.com. Bloomberg News. Retrieved 2016-08-30.
  3. Meyer, Josh (2016-08-27). "Experts: Same Russians hacked Olympic whistleblower, Democrats". nbcnews.com. NBC News. Retrieved 2016-08-30.
  4. Paletta, Damian (2016-08-15). "Democrats Brace for More Leaks From Hackers". Wall Street Journal. ISSN 0099-9660. Retrieved 2016-08-30.
  5. DuVall, Eric (2016-08-13). "Suspected Russian hackers release lawmakers' personal information". upi.com. United Press International. Retrieved 2016-08-30.
  6. "DC Leaks | ABOUT". dcleaks.com. DCleaks. 2016-08-29. Retrieved 2016-08-30.
  7. "DcLeaks.com WHOIS, DNS, & Domain Info - DomainTools". whois.domaintools.com. DomainTools. 2016-04-19. Retrieved 2016-08-30.
  8. Bennett, Cory (2016-08-13). "Suspected Russian DNC hackers also hit GOP, researchers say". politico.com. Politico. Retrieved 2016-08-30.
  9. Uchill, Joe (2016-08-12). "Report: Russia tried to start own WikiLeaks". http://thehill.com. The Hill (newspaper). Retrieved 2016-08-30.
  10. Fang, Lee; Jilani, Zaid (2016-07-01). "Hacked Emails Reveal NATO General Plotting Against Obama on Russia Policy". theintercept.com. The Intercept. Retrieved 2016-08-30.
  11. Hannon, Elliot (2016-08-11). "Russian Hackers Reportedly Tried "DC Leaks" Site to Leak Emails Before Moving on to WikiLeaks". Slate. ISSN 1091-2339. Retrieved 2016-08-30.
  12. Hattem, Julian (2016-08-15). "Thousands of Soros docs released by alleged Russian-backed hackers". thehill.com. The Hill (newspaper). Retrieved 2016-08-30.
  13. "Soros hacked, thousands of Open Society Foundations files released online". rt.com. RT (TV network). 2016-08-14. Retrieved 2016-08-30.
  14. Kaplan, Rachel (2016-08-16). "George Soros hacked, documents posted online". israelnationalnews.com. Arutz Sheva. Retrieved 2016-08-30.
  15. "The Bizarre Media Blackout Of Hacked George Soros Documents". investors.com. Investor's Business Daily. 2016-08-19. Retrieved 2016-08-30.

External links

DCleaks website

*Sources




DC Leaks
soros.dcleaks.com/


George Soros is a Hungarian-American business magnate, investor, philanthropist, political activist and author who is of Hungarian-Jewish ancestry and holds ...

DC Leaks (@DCleaks_) | Twitter
https://twitter.com/dcleaks_


The latest Tweets from DC Leaks (@DCleaks_). DCleaks is a new level project aimed to analyze and publish a large amount of emails from top-ranking officials ...
In the news

Colin Powell Urged Hillary Clinton's Team Not to Scapegoat Him for Her Private Server, Leaked Emails Reveal
The Intercept - 14 hours ago - Powell's private messages were leaked by D.C. Leaks, an anonymously managed website ...
Reports: Colin Powell calls Donald Trump a 'national disgrace' in hacked emails
USA TODAY - 2 hours ago
EXCLUSIVE: Colin Powell's Personal Email Hacked
Daily Caller - 14 hours ago

DCLeaks Website Down, Twitter Suspended Releasing Soros Docs ...
dailycaller.com/.../dcleaks-has-website-shut-down-twitter-suspended-...



The Daily Caller, Aug 27, 2016 - DCLeaks, a website that releases information on powerful political figures, has had part of its website taken offline after releasing a cache of documents on billionaire donor George Soros. The @DCLeaks Twitter account has also been suspended from Twitter for reasons unknown.

DCLeaks Website And Twitter Down After Publishing Leaked George ...
www.thegatewaypundit.com/.../dcleaks-website-twitter-publishing-leaked-george-soro...


Aug 27, 2016 - DCLeaks, a website that releases information on powerful political figures, has had part of its website taken offline after releasing a cache of ...

DCleaks | Facebook
https://www.facebook.com/DClks/


http://dcleaks.com/.

George Soros' NGOs exposed manipulating EU elections in 2,500 ...
theduran.com/george-soros-criminal-ngos-fully-exposed-dc-leaks-2500-document-ha...


Aug 15, 2016 - The Hungarian Billionaire and his NGOs wield immense power, and the documents that are being shared by DC Leaks show how Soros ...

DC Leaks: Little Known Site Dumps Data On George Soros
https://www.riskbasedsecurity.com/.../dc-leaks-little-known-site-dumps-data-on-georg...


Aug 13, 2016 - DCleaks is a new level project aimed to analyze and publish a large amount of emails from top-ranking officials and their influence agents all ...

Russian Hackers of DNC Said to Nab Secrets From NATO, Soros ...
www.bloomberg.com/.../russian-hackers-of-dnc-said-to-scoop-up-sec...



Bloomberg L.P., Aug 11, 2016 - DCLeaks.com revealed e-mails before WikiLeaks embarrassed DNC ... The e-mails and documents posted to the DCLeaks site in early June ...

DC Leaks | Know Your Meme
knowyourmeme.com/memes/sites/dc-leaks



Know Your Meme: DC Leaks is a website which serves as a repository for leaked emails taken from the accounts of top-ranking officials from around the world. In August 2016, the ...