
How Top U.S. Government Officials Got Hacked

Posted by deepcore on June 4, 2011 – 6:26 pm

The targeted phishing scheme that struck hundreds of top U.S. government officials’ personal Gmail accounts was neither difficult to perform nor incredibly sophisticated.

The attackers were able to pose as legitimate, trusted senders from the State Department, Office of the Secretary of Defense and the Defense Intelligence Agency by sending e-mails from what appeared — even on close inspection — to be real e-mail addresses ending in familiar domains like state.gov, osd.mil and dia.mil.

To accomplish that, the attackers told their mail server to send e-mails from the spoofed addresses rather than their own. Though most e-mail clients like Gmail or Microsoft Outlook don’t allow users to do that, that’s one of the fields an administrator of an e-mail server can easily change.

When that’s done, it’s incredibly difficult or sometimes impossible for a user to know that the sender is really an impostor.
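The From address described above is only a header written by the sending server, so a receiving system can compare it with the identities that were actually verified. The following is an added example, not part of the original post: it assumes the receiving mail server records SPF/DKIM results in an Authentication-Results header (something the post does not discuss), and the sample messages, the example.net/example.org domains and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed messages, not taken from the incident. example.net / example.org
# are placeholders; Authentication-Results is assumed to be stamped by our own MX.
SPOOFED = """\
Return-Path: <bounce@mail.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mail.example.net; dkim=none
From: "Colleague" <someone@state.gov>
To: official@example.org
Subject: joint statement

See attached.
"""
LEGIT = """\
Return-Path: <bounce@mail.state.gov>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mail.state.gov; dkim=pass header.d=state.gov
From: "Colleague" <someone@state.gov>
To: official@example.org
Subject: joint statement

See attached.
"""

def domain_of(addr):
    """Lower-cased domain part of an address header value ('' if absent)."""
    return parseaddr(addr)[1].rpartition("@")[2].lower()

def aligned(a, b):
    """Simplified alignment: same domain, or one is a subdomain of the other."""
    return bool(a and b) and (a == b or a.endswith("." + b) or b.endswith("." + a))

def check_sender(raw):
    """Return findings that suggest the visible From address is not authenticated."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg.get("From", ""))
    env_dom = domain_of(msg.get("Return-Path", ""))
    auth = msg.get("Authentication-Results", "")
    findings = []
    if not aligned(from_dom, env_dom):
        findings.append(f"From domain {from_dom!r} differs from envelope sender {env_dom!r}")
    # Domains the receiving server actually verified via SPF or DKIM.
    verified = re.findall(r"spf=pass\b[^;]*?smtp\.mailfrom=(?:[^@\s;]*@)?([\w.-]+)", auth)
    verified += re.findall(r"dkim=pass\b[^;]*?header\.d=([\w.-]+)", auth)
    if not any(aligned(from_dom, d.lower()) for d in verified):
        findings.append(f"no SPF/DKIM pass is aligned with From domain {from_dom!r}")
    return findings

if __name__ == "__main__":
    for name, raw in (("SPOOFED", SPOOFED), ("LEGIT", LEGIT)):
        print(name, check_sender(raw) or "no findings")
```

The subdomain comparison is a simplification of how alignment is normally decided, and the Authentication-Results header is only meaningful when it was added by a server you control.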

In this case, malicious e-mails were sent with some text and what appeared to be an attachment. According to the Contagio blog, which first discovered the attack in February, one e-mail sent to State Department officials read:

“This is the latest version of State’s joint statement. My understanding is that State put in placeholder econ language and am happy to have us fill in but in their rush to get a cleared version from the WH, they sent the attached to Mike.”

 

Here is the original post:

How Top U.S. Government Officials Got Hacked

