News Daily Spot: Russian Hacker confessed to obtaining keys from the US Election Assistance Commission

more news

Russian Hacker confessed to obtaining keys from the US Election Assistance Commission



A Russian hacker calling himself Rasputin claims to have obtained the access keys to the system used by the Election Assistance Commission (EAC) in the United States.

The information was released following an investigation by security firm Recorded Future, which claims that 'Rasputin' had been trying to sell the EAC system access credentials.

The EAC in the United States, is the entity that tests and certifies the equipment that is used in the electoral elections to carry out the voting. It also provides training on good voting practices.

Recorded Future also confirmed that among the credentials that Rasputin was selling, some administrative accounts that might have been used to remove sensitive information from the EAC or to deploy an exploit that compromised the computers were included.

According to Rasputin, he used a SQL injection technique taking advantage of an unpatched vulnerability. The EAC investigated the incident and has already corrected the safety breach.

In a statement, the EAC wanted to clarify that its participation in the elections proper is limited: The EAC does not collect or store any personal information. The EAC does not maintain electoral databases. The EAC does not tabulate or store the total votes.

On the other hand, Recorded Furture reveals some information concerning Rasputin. He says he is a hacker who has been following him since 2015 and who has already been trying to sell details on how to attack a Middle Eastern government using the SQL injection technique.

click here