The FBI and the DHS Took Us for Complete Fools
Yesterday, we reported that The Washington Post (WaPo) published a fake story about the Russians hacking a Vermont electric grid. They claimed it gave the hackers access to the entire U.S. Grid. As it happened, there was no hacking, no Russians, no exposure to the entire grid, but rather, there was one computer with some malware on it. The computer wasn’t connected to the grid in any way.
Furthermore, WaPo no longer bothers to research. They didn’t call the Vermont electric utility in Burlington to find out what actually happened before they published their fake story.
That’s not all!
The paranoid WaPo accused the Russians but the malware that was found on this one computer is an outdated, common virus associated with Ukraine.
While, WaPo’s reporting is a problem, the real problem is the DHS and the FBI. Their proof of Russian hacking is a complete lie that any novice could uncover.
The hackers must be laughing at these fools since the FBI and DHS couldn’t even come up with a good story. These agencies probably have a political science or creative writing major telling them what to write.
Maybe the FBI and DHS want to get caught.
A Security Company Analyzed the Bogus DHS-FBI Report
Wordfence, a popular and expert security firm for WordPress, analyzed the PHP malware sample contained in the DHS-FBI report. The report attempts to prove Russia hacked Clinton emails with no evidence.
DHS and DNI have released a joint statement that says:
“This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The report contains specific indicators of compromise, including IP addresses and a PHP malware sample.”
Wordfence, after a detailed analysis of the PHP malware sample, came to this conclusion:
The PHP malware sample they have provided appears to be P.A.S. version 3.1.0 which is commonly available and the website that claims to have authored it says they are Ukrainian. It is also several versions behind the most current version of P.A.S which is 4.1.1b. One might reasonably expect Russian intelligence operatives to develop their own tools or at least use current malicious tools from outside sources.
The IP addresses cited in the DHS-FBI report are commonly blocked by the Wordfence plugin.
People Who Believe the FBI-DHS Story Look Ridiculous
The overall conclusion by Wordfence:
The IP addresses that DHS provided may have been used for an attack by a state actor like Russia. But they don’t appear to provide any association with Russia. They are probably used by a wide range of other malicious actors, especially the 15% of IP addresses that are Tor exit nodes.
The malware sample is old, widely used and appears to be Ukrainian. It has no apparent relationship with Russian intelligence and it would be an indicator of compromise for any website.
Have the Russians hacked everything all the time using outdated Ukrainian malware that even a simple plugin could block easily and has been blocking for years?
Idiots like John McCain jumped right on the bandwagon. These politicians don’t look for the truth, nor does the media, they just lie, bloviate, rant and look for donations.