Election Hack Report FAQ: What You Need to Know

Wordfence has the article "Election Hack Report FAQ: What You Need to Know" to accompany the more technical article mentioned in my previous post, "US Govt Data Shows “Russia” Used Outdated Ukrainian PHP Malware".

In the FAQ, you do not have to infer answers to your questions. They spell it out for you. Here is an example.

Does the report prove that Russia Hacked the 2016 US Election?

No, it does not. What Wordfence revealed on Friday is that the PHP malware sample that the US government provided is:

  • An old version of malware. The sample was version 3.1.0 and the current version is 3.1.7 with 4.1.1 beta also available.
  • Freely available to anyone who wants it.
  • The authors claim they are Ukrainian, not Russian.
  • The malware is an administrative tool used by hackers to upload files, view files on a hacked website, download database contents and so on. It is used as one step in a series of steps that would occur during an attack.

Wordfence also analyzed the IP addresses available and demonstrated that they are in 61 countries, belong to over 380 organizations and many of those organizations are well known website hosting providers from where many attacks originate. There is nothing in the IP data that points to Russia specifically.