The BBC has uncovered evidence that the alleged Russian hackers responsible for hacking the DNC used servers linked to a company based in Pakistan.
“BBC says a server whose IP was hard-coded into the virus found on the DNC’s server traces to a company called Crookservers that is based in PAKISTAN, run by a guy named Usman Ashraf,” the Daily Caller’s Luke Rosiak tweeted.
BBC says a server whose IP was hard-coded into the virus found on the DNC's server traces to a company called Crookservers that is based in PAKISTAN, run by a guy named Usman Ashrafhttps://t.co/uQvYVvYjso
— Luke Rosiak (@lukerosiak) December 22, 2017
When Russia’s most notorious hackers hired servers from a UK-registered company, they left a trove of clues behind, the BBC has discovered.
The hackers used the computers to attack the German parliament, hijack traffic meant for a Nigerian government website and target Apple devices.
The group played a key role in 2016’s attack on the US’s Democratic National Committee (DNC), according to security experts.
Indeed an internet protocol (IP) address that once belonged to a dedicated server hired via Crookservers was discovered in malicious code used in the breach
But after a short period, the listing switched to Pakistan. The BBC has seen no evidence the shop or its employees knew how the address was being used or that Crookservers had any real connection to the newsagent’s. […]
The BBC identified Crookservers’s operator as Usman Ashraf.
Thegatewaypundit.com reports: At this point, little is known as to why Crookservers was later moved to Pakistan.
Ashraf refused to participate in a telephone interview with the BBC, instead writing via email that the hackers were eventually banned from using Crookservers.
“We never know how a client is using the server,” Ashraf claimed.
In November, WikiLeaks released ‘Vault 8,’ a series of documents detailing how the CIA developed code to impersonate Russian anti-virus giant ‘Kaspersky Labs.’ The mainstream media refuses to include WikiLeaks’ findings in its reporting on alleged Russian hackers breaching the DNC’s network.
— WikiLeaks (@wikileaks) November 9, 2017
WikiLeaks says it has published the source code for the CIA hacking tool ‘Hive,’ which indicates that the agency-operated malware could mask itself under fake certificates and impersonate public companies, namely Russian cybersecurity firm Kaspersky Lab.
The CIA multi-platform hacking suite ‘Hive’ was able to impersonate existing entities to conceal suspicious traffic from the user being spied on, the source code of the malicious program indicates, WikiLeaks said on Thursday.
The extraction of information would therefore be misattributed to an impersonated company, and at least three examples in the code show that Hive is able to impersonate Russian cybersecurity company Kaspersky Lab, WikiLeaks stated.
As The Gateway Pundit’s Carter Brown previously reported, WikiLeaks published over 600 more files back in March claiming to show the CIA used extensive measures to hide its hacking attacks and make it look like Russia, China, North Korea, or Iran carried out the attacks.
The Vault 7 tranche of files and code WikiLeaks continues to drop gives us a better look at what the CIA’s ‘Marble’ software is and how it carries out its attacks.
The code traverses a number of languages from Arabic to Chinese, to Korean, Farsi (the language of the Iranians), and Russian.