US DNC hackers blew through SIX zero-days vulns last year alone

Security researchers have shone fresh light on the allegedly Russian state-sponsored hacking crew blamed for ransacking the US Democratic National Committee's computers. Sednit – also known as APT28, Fancy Bear and Sofacy – has been operating since 2004. The cyber-mob has reportedly infiltrated machines operated by targets as …

  1. ratfox

    Well, that certainly gives some credibility to the claim it's a state actor.

    1. Anonymous Coward

      Wonder if they will get the loser blues like the Kochs did in 2012 after blowing through all that cash (or in this case invaluable zero days) with remarkably little to show for it (granted what the Kansas boys did was legal at least).

      1. Destroy All Monsters Silver badge

        If these are "state actors" (I'm sold, these guys are NP-hard) we are beyond "legal". "Legal" is for the rubes.

        To quote "Raw Deal"

        Elevator Operator: Good evening, sir.

        Mark Kaminsky: Down.

        Elevator Operator: There is no down.

        Mark Kaminsky: Hey, I'm not a cop. I'm a player.

    2. Amos1

      What they didn't say...

      Was whether the exploits came from that 2013 NSA stash or from that new guy, the one who swiped "terabytes" of NSA documents and files, including exploits. If so, that would diminish the fact that it was a non-USA state actor.

  2. disgruntled yank

    Mostly

    "Most of the targets uncovered by ESET's research have Gmail addresses"

    Most of the people I know seem to have Gmail addresses.

    1. Anonymous Coward

      Re: Mostly

      And here's a good reason why that may not be a good idea:

      https://www.aps.org/publications/apsnews/updates/xicharges.cfm

      https://www.aps.org/publications/apsnews/201510/charges-dropped.cfm

      Temple University handed over the University email system to Google years ago, and everyone involved in this false arrest case thinks the NSA monitoring Temple's Gmail, but not understanding what they were reading, is how this fiasco started.

      1. Destroy All Monsters Silver badge

        Re: Mostly

        This will be going more often.

        Don't expect different results with Microsoft Exchange Online.

  3. Anonymous Coward

    Were it my operation, I'd reserve 0-days for my primary function for the group. Which reaffirms just what they are all about, black-bag operations.

  4. bombastic bob Silver badge

    Windows, Adobe Flash and Java vulnerabilities

    Well, THERE's your PROBLEM!

    Seriously, it's kinda known that vulnerabilities are traded on the dark web. It's also likely that the people doing this are NOT 'state sponsored', but may simply be 'anon' type activists. If you want to find them, you'd have better luck hanging out on 4chan or some similar place that 'anonymous' frequents. Pointing fingers at Russia is just Mrs. Clinton's latest distraction, since those leaks make her (and the DNC) look pretty bad...

    (not saying that none of the 'anon' actors are NOT inside Russia, which may be true, but that they're probably not sponsored by Putin's gummint)
