Hackers Steal Credit Card Data From Visitors of US Senate GOP Committee Website (krebsonsecurity.com) 29
pdclarry writes: While all of the recent news has been about hacking the Democratic National Committee, apparently the Republicans have also been hacked over many months (since March 2016). This was not about politics, however; it was to steal credit card numbers. Brian Krebs reports: "a report this past week out of The Netherlands suggests Russian hackers have for the past six months been siphoning credit card data from visitors to the web storefront of the National Republican Senatorial Committee (NRSC). [...] If you purchased a 'Never Hillary' poster or donated funds to the NRSC through its website between March 2016 and the first week of this month [October 2016], there's an excellent chance that your payment card data was siphoned by malware and is now for sale in the cybercrime underground." Krebs says his information comes from Dutch researcher Willem De Groot, co-founder and head of security at Dutch e-commerce site byte.nl. The Republicans were not alone; theirs was just one of 5,900 e-commerce sites hacked by the same Russian actors. You can view De Groot's analysis of the malware planted on the NRSC's site and other services here. Krebs adds: "The NRSC did not respond to multiple requests for comment, but a cached copy of the site's source code from October 5, 2016 indicates the malicious code was on the site at the time (load this link, click 'view source' and then Ctrl-F for 'jquery-cloud.net')."
Dear supporter (Score:1)
Thank you very much for your donation to Hillary Clinton's election fund. With your help, we'll win.
Re: (Score:3)
I think this summary is the most creative dupe on slashdot I've ever seen.
Here's the original one from three days ago:
https://news.slashdot.org/stor... [slashdot.org]
Why creative? Well, this one made it all about the RNC website, and mentioned the other sites with less emphasis. Meanwhile, the original post mentioned the other sites, while mentioning the republican site with less emphasis. And it seems that few people noticed, which is somewhat unusual because dupes are usually quickly spotted by commenters.
And the full list (Score:1)
The list of compromised eCommerce site had a bit of controversy surrounding it too. Github censored the list, as did Gitlab. However, Gitlab later restored the list:
https://gwillem.gitlab.io/2016/10/14/github-censored-research-data/
Re: Inside Job (Score:1)
A/c included DNC
Re: (Score:2)
And it's a Russian conspiracy too!
Who cares (Score:1)
The US Senate has and always will be bought and sold by the highest bidder anyway
Oh well (Score:3, Funny)
I'm sure all the people who were enthusiastic about the DNC hacks will agree that it doesn't matter who did this. Only the information that's released matters. Absolutely no need to identify the perpetrators because they're doing a public a service by releasing information that would otherwise have remained hidden.
Re: (Score:1)
Definitely. A few contributors having to cancel and replace their credit cards is worth the full disclosure of the rotten-to-the-core political culture at the DNC. I bet you could even find and interview Republicans who are victims of this particular hack who would agree it's worth it.
It's all fine. The information released by the DNC hack is quite important. It won't even stop being relevant and worth study after the election.
(Anybody who thinks the Coronation will be the end of it is a little nuts.)
Prickileaks (Score:2)
"We Open Governments"
Re:Is NRSC Federal Government or Private? Private. (Score:4, Informative)
Obviously you're not from the U.S. or you would have known instantly the NRSC has nothing to do with our government aside from being a way for Republicans to get money for Senatorial candidates. The Democrats do the same thing, they just call their version something different.
No one, particularly at this level of fundraising, would be stupid enough to use a .gov domain name. That invites all kinds of scrutiny, and possible legal action, which no one wants to be part of.
That darn Hillary! (Score:1)
How she found the time to back the NRSC site I just don't know. I am so gosh darn upset.
Sloppy Work! (Score:3)
Fool! Putin himself said we don't hack the Republicans.
Russian hackers hack NRSC (Score:2)
Where's the evidence that Russian hackers were responsible?
Re: (Score:2)
Well, the evidence is a Dutch "report" from "this past week". It's right there in the summary.
Seriously, though, there's an analysis of the malware [github.com] linked in one of the articles. That's as much proof as you're going to get.