In an effort to hear a "just-plain-facts" in a low-key style on this Putin-Trump-Helsinki meeting, I came across a listen-able report/discussion on You Tube --
when you Google:
Intel chief: Don't know what happened in Trump-Putin meeting
you get some information you can use...
It's 23:20 in length. (There's another one with that title & the same guy's face, on CNN.com, that is one minute 17 seconds. I'm recommending the 23-minute one.)
_____________________________
Mueller indictment (continued)
30. On or about May 30, 2016, MALYSHEV accessed the AMS panel in order to upgrade custom AMS software on the server. That day, the AMS panel received updates from approximately thirteen different X-Agent malware implants on DCCC and DNC computers.
31. During the hacking of the DCCC and DNC networks, the Conspirators covered their tracks by intentionally deleting logs and computer files. For example, on or about May 23, 2016, the Conspirators cleared the event logs from a DNC computer. On or about June 20, 2016, the Conspirators deleted logs from the AMS panel that documented their activities on the panel, including the login history.
Efforts to Remain on the DCCC and DNC Networks
32. Despite the conspirators' efforts to hide their activity, beginning in or around May 2016, both the DCCC and DNC became aware that they had been hacked and hired a security company ("Company 1") to identify the extent of the intrusions. By in or around June 2016, Company 1 took steps to exclude intruders from the networks.
Despite these efforts, a Linux-based version of X-Agent, programmed to communicate with the GRU-registered domain linuxkrnl.net, remained on the DNC network until in or around October 2016.
33. In response to Company 1's efforts, the Conspirators took countermeasures to maintain access to the DCCC and DNC networks.
a. On or about May 31, 2016, YERMAKOV searched for open-source information about Company 1 and its reporting on X-Agent and X-Tunnel. On or about June 1, 2016, the conspirators attempted to delete traces of their presence on the DCCC network using the computer program CCleaner.
b. On or about June 14, 2016, the Conspirators registered the domain actblues.com, which mimicked the domain of a political fundraising platform that included a DCCC donations page. Shortly thereafter, the Conspirators used stolen DCCC credentials to modify the DCCC website and redirect visitors to the actblues.com domain.
c. On or about June 20, 2016, after Company 1 had disabled X-Agent on the DCCC network, the Conspirators spent over seven hours unsuccessfully trying to connect to X-Agent. The Conspirators also tried to access the DCCC network using previously stolen credentials.
34. In or around September 2016, the Conspirators also successfully gained access to DNC computers hosted on a third-party cloud-computing service. These computers contained test applications related to the DNC's analytics.
After conducting reconnaissance, the Conspirators gathered data by creating backups, or "snapshots," of the DNC's cloud-based systems using the cloud provider's own technology. The Conspirators then moved the snapshots to cloud-based accounts they had registered with the same service, thereby stealing the data from the DNC.
----------------------------------
(to be continued...)
-30-
No comments:
Post a Comment