DNC Credentials Compromised by IntelFetch Telegram Bot

Published : 23/11/2024   Category : security




The Democratic National Convention soon to take place in Chicago, already under heavy security, faces an additional threat in the form of stolen credentials for delegates.



As the Democratic National Convention (DNC) is set to kick off in Chicago Aug. 19-22, a Telegram-based bot service called IntelFetch has been aggregating compromised credentials linked to the DNC and Democratic Party websites.
The stolen data, identified and verified by ZeroFox researchers, includes compromised credentials from the Washington and Idaho state branches of the DNC, and other sensitive information, including logins for party members and delegates.
The exposed data includes email addresses and passwords, primarily from users registered on demconvention.com, democrats.org, and related domains.
The report noted that although the breach did not appear to stem from a targeted attack, it presents a significant risk of unauthorized access to sensitive systems within the Democratic Party and the DNC. Such access could allow malicious actors to infiltrate secure systems, access confidential information, and potentially disrupt party operations, jeopardizing the security and integrity of the DNC and other critical activities.
There is, of course, a history of state-sponsored threats targeting the DNC and other US political targets; in 2016 the Russian advanced persistent threat known as APT28 or Fancy Bear hacked into the DNC website, as well as the Hillary Clinton campaign and the Democratic Congressional Campaign Committee.
Lewis Shields, director of dark ops at ZeroFox, says that everyone attending the convention should be perceived — by both the DNC organizers and the individuals themselves — as a potential and attractive target for cyber threat actors.
Threat actors may target attendees directly and leverage their access to move on to higher-value targets, he tells Dark Reading. The recent reported hacks against political targets indicate that even those loosely connected to policymaking may be used to target those who are more influential.
Shields explains that the details of the reported Trump campaign hack that came to light yesterday, the subsequent disclosure that the Biden-Harris campaign was also targeted, and ZeroFox's own research all indicate threat actors are taking the "work your way up the ladder" tack.
For instance, an FBI source told NBC News that the agency was investigating attempted hacks on three Biden-Harris campaign staffers, and on former Trump advisor Roger Stone.
In general, this election is almost certainly a target for foreign cyber threat actors because of the myriad geopolitical disputes as well as the relative foreign policy unknowns among the candidates, he notes.
Foreign governments are therefore very likely eager to obtain as much information on potential policy decisions as possible.
Threat actors who cannot send diplomats to engage with candidates are more likely to attempt to obtain the information via cyber espionage campaigns or other malicious activity, Shields says.
Election security is seen as a critical issue as 2024 marks a pivotal year for global democracy, with a record number of national elections taking place worldwide, though cyberattacks on election campaigns go back decades.
Kitchen sink attack chains, complex, multi-faceted strategies deploying a variety of different attack methods and techniques to compromise a target, have emerged as one of the most serious modern threats.
Back in January, FBI Director Christopher Wray warned of chaos during this year's election, singling out China as the most formidable threat actor, though other nation-state malicious actors are likely to deploy campaigns and possibly target election infrastructure itself.
Beyond direct attacks, governments are also battling misinformation distributed during the election season, and the rise of deepfake images and video clips produced by generative AI (GenAI) is worrying cybersecurity professionals; a deepfake robocall impersonating President Biden has already occurred.
To combat this rapidly evolving threat, local governments are encouraged to engage transparently with residents through regular updates, public meetings, and community partnerships to build and maintain trust.
Shields notes that cybersecurity has become a core tenet of national security strategies and policies, especially given the current geopolitical context where foreign policy and armed warfare are occurring alongside cyber campaigns.
From his perspective, any policy discussions regarding ongoing support for Ukraine, restricting China's access to advanced technologies, and US policy in the Middle East must include cybersecurity protections in the design and drafting stages.
The days of cybersecurity concerns being relegated to secondary discussions only among cybersecurity experts have ended, he explains.
