Aug 6, 2018

How Russian hackers hide inside abandoned email accounts

Photo: Lisa Forster/picture alliance via Getty Images

Researchers have used "allforusa@yahoo.com," a single email address listed in one of special prosecutor Robert Mueller's indictments, as a key to trace new details of the inner workings of social media disinformation campaigns.

Why it matters: The "allforusa" account was a real email address that had been abandoned by its creator and then compromised and reused, a tactic that allows hackers to evade detection and legitimize deceptive activity — in this case, including thousands of comments posted on the FCC's site about net neutrality rules.

The report from the cyberintelligence firm GroupSense, released Monday, follows a trail of password-based clues connecting the "allforusa" account to 9.5 million other email addresses and related social media accounts, many used to distribute inflammatory content and inauthentic messages, including 40,041 postings on the FCC site.

"Allforusa" wound up in the Mueller indictment after the Russian-intelligence-backed Internet Research Agency likely purchased access to a group of hijacked accounts, according to the GroupSense report. Mueller linked the email address with fraudulent PayPal accounts that the IRA used to pay for pro-Trump, anti-Clinton ads during the 2016 election.

What they're saying:

Compromised email accounts are being used to influence public opinion on important topics... The availability and sheer volume of these compromised accounts enables threat actors to conduct campaigns under the guise of actual citizens.
— GroupSense's report

Both sides of the net neutrality debate have previously alleged that people are gaming the system, for example by posting comments under other people’s identities, including those of people who have died, per the WSJ.

  • This isn’t entirely a new game. The WSJ found there have been allegations of falsified or fraudulent postings related to comments filed with the Consumer Financial Protection Bureau, the Federal Energy Regulatory Commission, and the Securities and Exchange Commission.
