AP finds hackers hijacked at least 195 Trump web addresses

In this Jan. 19, 2017, file photo, then-President-elect Donald Trump and his wife Melania Trump and family wave at the conclusion of the pre-Inaugural "Make America Great Again! Welcome Celebration" at the Lincoln Memorial in Washington.(AP Photo/David J. Phillip. File)
Updated 04 November 2017
0

AP finds hackers hijacked at least 195 Trump web addresses

WASHINGTON: Four years ago, well before the furor over allegations Moscow meddled in the 2016 election that put Donald Trump in the White House, at least 195 web addresses belonging to Trump, his family or his business empire were hijacked by hackers possibly operating out of Russia, The Associated Press has learned.
The Trump Organization denied the domain names were ever compromised. But a review of Internet records by the AP and cybersecurity experts shows otherwise. And it was not until this past week, after the Trump camp was asked about it by the AP, that the last of the tampered-with addresses were repaired.
After the hack, computer users who visited the Trump-related addresses were unwittingly redirected to servers in St. Petersburg, Russia, that cybersecurity experts said contained malicious software commonly used to steal passwords or hold files for ransom. Whether anyone fell victim to such tactics is unclear.
A further mystery is who the hackers were and why they did it.
The discovery represents a new twist in the Russian hacking story, which up to now has focused mostly on what US intelligence officials say was a campaign by the Kremlin to try to undermine Democrat Hillary Clinton’s candidacy and benefit Trump’s.
It is not known whether the hackers who tampered with the Trump addresses are the same ones who stole Democratic officials’ emails and embarrassed the party in the heat of the campaign last year. Nor is it clear whether the hackers were acting on behalf of the Russian government.
The affected addresses, or domain names, included donaldtrump.org, donaldtrumpexecutiveoffice.com, donaldtrumprealty.com and barrontrump.com. They were compromised in two waves of attacks in August and September 2013, according to the review of Internet records.
Many of the addresses were not being used by Trump. Businesses and public figures commonly buy addresses for possible future use or to prevent them from falling into the hands of rivals or enemies. The Trump Organization and its affiliates own at least 3,300 in all.
According to security experts, the hackers hijacked the addresses by penetrating and altering the domain registration records housed at GoDaddy.com, a seller of web addresses.
Accounts at GoDaddy, like at any site that requires a user name and password, are often subject to malicious messages known as phishing attacks, which are designed to trick people to reveal that personal information to hackers.
Computer users who entered or clicked on one of those Trump addresses probably would have had no idea they were redirected to servers in Russia.
Within days after the AP asked the Trump Organization about the tampering, the affected web addresses were all corrected.
The White House referred questions to the Trump Organization. The FBI did not respond to a request for comment.
GoDaddy spokesman Nick Fuller said the company had no breaches of its system in 2013 and has measures in place to monitor for malicious activity. Fuller would not discuss any customers in particular.
Some cybersecurity experts said there is an outside chance the tampering was a probe — an attempt to test security for an eventual effort to gather information on Trump or his business dealings. But those experts were only guessing.
There was no evidence the hackers ultimately broke into server computers at the Trump Organization or other Trump interests.
“This is beyond me,” said Paul Vixie, CEO of the San Mateo, California-based Internet security company Farsight Security Inc. “I have simply never seen a benefit accrue from an attack of this kind. I’m at loss, unless it’s a demonstration of capabilities.”
Vixie said the Trump Organization’s apparent failure to detect what was happening probably suggests inadequate cybersecurity at the company.
“There’s no way something like this could go by in the Bloomberg empire without this being seen,” Vixie said.


Wife of former Malaysian PM Najib to be questioned by anti-corruption agency

Updated 25 September 2018
0

Wife of former Malaysian PM Najib to be questioned by anti-corruption agency

  • Rosmah was first questioned in June in connection with the investigation
  • A source familiar with the investigation said Rosmah would be questioned in connection with the 1MDB probe

KUALA LUMPUR: Rosmah Mansor, the wife of former Malaysian prime minister Najib Razak, was summoned on Tuesday for questioning by the anti-graft agency in its multi-billion dollar corruption probe at state fund 1MDB.
It was the second time Rosmah, 66, has been called in by the Malaysian Anti-Corruption Commission (MACC) since the shock defeat of Najib in the May general election.
Rosmah was first questioned in June in connection with the investigation, which is looking into allegations of corruption and misappropriation in state fund 1Malaysia Development Berhad (1MDB). Her husband has pleaded not guilty to charges of money laundering, abuse of power and criminal breach of trust.
The former first lady was served with a notice on Tuesday afternoon to appear before MACC the next day, her lawyer K.Kumaraendran said, adding that she was asked to assist with investigations under the anti-money laundering act.
A source familiar with the investigation said Rosmah would be questioned in connection with the 1MDB probe.
After filing fresh charges against Najib last week, Azam Baki, the deputy commissioner of the anti-graft agency, said more charges could be brought against individuals over 1MDB.
When asked if Rosmah could face charges, he said: “I’m not denying that.”
Rosmah’s penchant for designer handbags, watches and jewelry raised eyebrows in Malaysia, with opponents asking how she was able to afford the luxury items on her husband’s government salary.
She has drawn comparisons to Imelda Marcos, who left behind more than 1,200 pairs of shoes when her husband Ferdinand Marcos was ousted as president of the Philippines in 1986.
Najib and Rosmah have both been barred from leaving the country since the former’s election defeat, and their home and other properties linked to them have been searched by the police as part of the 1MDB investigations.
The haul seized from the properties included 567 handbags, 423 watches and 12,000 pieces of jewelry.
Najib has said most of the seized items were gifts given to his wife and daughter and had nothing to do with 1MDB.
The US Department of Justice has alleged more than $4.5 billion was misappropriated from 1MDB and that about $680 million ended up in Najib’s personal bank account. Najib has denied any wrongdoing.