The magnitude of the situation shows just how vulnerable US citizens are to email targeting by criminal organizations and foreign adversaries, only proven further as U.S. officials announced the news that Iran and Russia had obtained voter registration data and email addresses with the intent of interfering in the 2020 election.
“An enormous amount of data about U.S. citizens is available to cyber criminals” and foreign adversaries, said Ziv Mador, vice president of security research at Trustwave, which discovered the material.
“In the wrong hands, this voter and consumer data can easily be used for geotargeted disinformation campaigns over social media, email phishing and text and phone scams,” he added, “before, during and after the election, especially if results are contested.”
The data is a compellation of personal information stolen in various hacks of companies in recent years and publicly available data taken from government websites, he said. In most states, voter registration information is publicly available, for example.
Trustwave reviews dark web forums for threat information, and it stumbled upon a hacker calling himself Greenmoon2019 who selling data. Trustwave utilized fictitious identities to entice the hacker to provide more information, employing a Bitcoin wallet that Greenmoon2019 used to collect payment.
Trustwave traced payments to a larger wallet, opened in May, that has collected over $100 million in what the company believes is illicit proceeds, Mador suggested.
Having public information out on the web isn’t a new thing, but it’s the mix of stolen information packaged along with public information that makes it so appealing to be used for voter fraud. Trustwave said the hacker was offering 186 million voter records and 245 million records of other personal data.
National Intelligence Director John Ratcliffe shared Wednesday night that Iran had got their hands on U.S. voter registration information and used it to send threatening emails to Democrats while posing as the Proud Boys, a white supremacist group. Ratcliffe said the Russian government had also obtained voter registration information.
The databases on sale allow hackers to segment the email addresses of registered Democrats or only registered Republicans. This way they can do individual campaigns to perform different agendas.
If you need help with cybersecurity solutions for your business contact DarkHound at [email protected].