Expert of Malware Blow the Whistle on Russian Hacking

A Ukrainian author of malware who built the PAS Web shell- a PHP based imbed used to remotely execute commands on hacked systems - has turned himself in to Ukrainian authorities. He has been cooperating with the probe by Federal Bureau of Investigation into the seeming Russian hacking of the Democratic National Committee.

Profexor provided information to the FBI and Ukrainian investigators which reveals that how hackers, in part, used a combination of purpose-built and community tools as part of what researchers have labeled as the threat group "APT 28" which also known as "Fancy Bear."

According to a report by New York Times on Wednesday, a hacker known as "Profexer" apparently is the one who made the malware which broke into the servers of Democratic National Committee (DNC) and collected thousands of emails which WikiLeaks dumped online for the whole world to see.

The two hacker groups apparently responsible for the attack on the DNC are supposed to be Advanced Persistent Threat 28, also known as Fancy Bear and the Russian group Cozy Bear. Newsweek.com posted on August 16th, 2017, stating that each is believed to be backed by military intelligence arm of Russia.

Apparently, Profexer got frightened in December, when the Department of Homeland Security and the FBI revealed a report about the Russian hacking effort to the public, which it dubbed Grizzly Steppe. That report referred to malware program of Profexer and hence, he became silent on the hacker forums in early January.

The malware's loot somehow made its way to WikiLeaks whose founder is Julian Assange, who has insisted that he did not gain the DNC emails from the Russian government. WikiLeaks first published these in July 2016 which was three days before the convention held by DNC in Philadelphia.

The damaging emails included major exposures about the attempts to "undermine" by DNC and ultimately led to the resignation of Debbie Wasserman Schultz as chairwoman of DNC.

Fancy Bear and its twin Cozy Bear have operated more as centers for organization and financing rather than arming, training and deploying hackers to carry out a particular mission like just another military unit. Also much of the hard task such as coding is subcontracted to private and often crime-tainted vendors.

» SPAMfighter News - 8/22/2017