DNC alerts FBI to phishing attack on its voter database

The Democratic National Committee called the FBI Tuesday, after discovering what the DNC says was the early phase of a sophisticated phishing attempt to hack its voter database.

CNN reports that the DNC was first alerted in the wee hours of Tuesday morning by "a cloud service providers and a security research firm" that a bogus login page had been created by a malicious actor who was trying to collect usernames and passwords they could use to then gain entry to the Democratic Party voter database.

The DNC, the cloud host, and the security researchers all believe they effectively halted an attack.

No official word on who was behind the attack, at this time.

And no comment yet from the FBI.

The fake page was designed to look exactly like the login page Democratic Party officials and campaigns across the country use for 'Votebuilder,' which hosts the DNC's database.

The bad guys' idea was to spoof a familiar site and get users to hand over their login credentials, then misuse those credentials for who knows what nefarious purpose.

The DNC is said to be investigating who was responsible for the attempted attack, and has no reason to believe its voter file was accessed or altered.

From CNN's report:

The page was initially discovered late Monday by Lookout, a San Francisco-based cybersecurity firm. The company doesn't work for the DNC but alerted the party to its findings, Mike Murray, the company's vice president of security intelligence, told CNN on Wednesday.

Murray said that a link to the page could have been sent to Democrats by email or through other online platforms in a spearphishing operation.

"It was very convincing," Murray said, adding that if a person were to see the real login page and the fake login page side-by-side, it would be difficult to tell them apart. "It would have been a very effective attack," he said.

The fraudulent page was hosted on a cloud computing platform called DigitalOcean, which took action to remove the page as soon as it was alerted by Lookout, the cloud company said.
"We see no evidence that any sensitive data was stolen and our initial investigation indicates that we were able to address this threat prior to the attack being launched," Josh Feinblum, chief security officer at DigitalOcean, said in a statement.

The DNC's chief security officer Bob Lord, a former Yahoo! executive, briefed Democrats on the attempted attack at a meeting of the Association of State Democratic Committees in Chicago on Wednesday.

"These threats are serious and that's why it's critical that we all work together, but we can't do this alone. We need the (Trump) administration to take more aggressive steps to protect our voting systems. It is their responsibility to protect our democracy from these types of attacks," Lord said in a statement to CNN.