Microsoft has shown that several countries are supporting hackers to influence the upcoming US presidential election. But it’s not the first time According to the company, Russian, Iranian and Chinese hackers have already tried to violate cybersecurity in Joe Biden and Donald Trump campaigns.
In one article, Microsoft said violation attempts targeted other people’s email accounts near campaigns. Microsoft claims that maximum attacks have been prevented. Tom Burt, vice president of security and trust for Microsoft visitors, says some attacks may not have. has been detected.
Russian hackers appear to come from an organization known as Strontium, also known as Fancy Bear or APT28. Microsoft says the hacker team has been incredibly active over the next year, specifically, they have introduced attacks against two hundred organizations since September 2019.
Some of them include:
Strontium strategies come with spear-phishing email campaigns, brute force attacks and password fumigation. Microsoft claims that the group’s attacks are undeniable to stumble upon regularly, but increasingly sneaky:
“Strontium has also disguised these attacks by collecting credentials in new ways, executing more than 1,000 IP addresses in consistent rotation, many of which are related to Tor’s anonymization service. Strontium has even evolved its infrastructure over time, adding and cutting around 20 IPs. one day to hide their business more».
Iran-backed hackers are from the Phosphorus group. Microsoft has been tracking the group’s attacks since last year and has already warned that the 2020 election is a target. Redmond now says Trump’s crusade is an attack target.
“Between May and June 2020, Phosphorus tried unsuccessfully to log in to management accounts and Donald Trump as staff for the presidential crusade,” Burt adds.
Hackers running for the Chinese government are also in action. Microsoft says Zirconium is leading an avalanche of equipment used to attack U. S. elections. The company says thousands of attacks have come from the organization since March of this year:
“Zirconium uses what are called Internet errors, or Internet tags, connected to a domain that they bought and filled with content. The actor then sends the related URL as an email text or attachment to a target account. Although the domain itself does not involve malicious content content, the Internet error allows Zirconium to verify whether a user has attempted to access the site. For players in geographic regions, this is an undeniable way to generate popularity on specific accounts to determine if the account is valid or if the user is active. “