



The revelation underscored how vulnerable Americans are to email targeting by criminals and foreign adversaries, even as U.S. officials announced that Iran and Russia had obtained voter registration data and email addresses with an eye toward interfering in the 2020 election.

Much of the data identified by Trustwave, a global cybersecurity company, is publicly available, and almost all of it is the kind that is regularly bought and sold by legitimate businesses. But the fact that so many names, email addresses, phone numbers and voter registration records were found for sale in bulk on the so-called dark web underscores how easily criminals and foreign adversaries can deploy it as the FBI said Iran has done recently, by sending emails designed to intimidate voters.

The data is a mix of material stolen in various hacks of companies in recent years and publicly available data retrieved from government websites, he said. In most states, voter registration information is publicly available, for example.

Trustwave monitors dark web forums for threat information, and it came across a hacker calling himself Greenmoon2019 who was offering the data for sale. Trustwave used fictitious identities to induce the hacker to provide more information, including a Bitcoin wallet that Greenmoon2019 used to collect payment.

Hackers sponsored by Russia have been trying to break into US state and local government computer networks and in two instances were successful, US government agencies said on Thursday - the second major warning over foreign hacking in as many days.

In an alert less than two weeks before the US election, the agencies said that a Russian group, sometimes called Berserk Bear or Dragonfly by researchers, had targeted dozens of state, local, tribal and territorial US governments as well as aviation networks.

"Since at least September 2020, a Russian state-sponsored ... actor ... has conducted a campaign against a wide variety of US targets," the Federal Bureau of Investigation and the Department of Homeland Security said.

The hackers successfully broke into an unspecified number of networks and, as of earlier this month, had stolen data from two of them, the agencies said in a posting on the website of the Cybersecurity and Infrastructure Security Agency, an arm of the Department of Homeland Security.

The analysts said at least some of the data comes from public records, but that other information appears to have come from data leaks or breaches. -AFP

























