Intelligence analysts and private-sector sleuths who uncovered Iran’s involvement in the Proud Boys hoax emails are saying that “stupid mistakes” by Iran led to the quick solving of the mystery.
In fact, some analysts are openly wondering if Iran didn’t deliberately make it easy for us to follow the bread crumbs. Ordinarily, it takes months of technical analysis to follow the leads and determine guilt in such cyber attacks.
The “mistakes” were made in the video attached to several of the messages, according to several analysts connected to the investigation.
“Either they made a dumb mistake or wanted to get caught,” said a senior U.S. government official, who asked not to be identified. “We are not concerned about this activity being some kind of false flag due to other supporting evidence. This was Iran.”
Attribution to Iranian hackers does not necessarily mean a group is working at the behest of the government there. Iranian officials denied the U.S. allegations.
“These accusations are nothing more than another scenario to undermine voter confidence in the security of the U.S. election, and are absurd,” said Alireza Miryousefi, spokesman for Iran’s mission to the United Nations in New York.
Interesting that the Iranian spokesman used Democratic Party talking points in responding to the charges.
Nevertheless, the effort to ferret out Iranian involvement was a collaboration between government and private industry.
Within hours of the video being circulated this week, which purported to come from an American far-right group known as The Proud Boys, intelligence officials and major email platform providers, such as Alphabet Inc’s Google and Microsoft Corp, began closely analyzing computer code that appeared in the hackers’ video.
While the emails, which demanded that voters change their party affiliation to the Republican Party and vote for President Donald Trump or “we will come after you,” appeared to come from an official-looking Proud Boys email address, the address was inauthentic, security analysts said. The Proud Boys denied they were behind the messages.
The Iranians attempted to obscure their identity in the video but didn’t do a very good job of it.
The video showed the hackers’ computer screen as they typed in commands and pretended to hack a voter registration system. Investigators noticed snippets of revealing computer code, including file paths, file names and an internet protocol (IP) address.
Security analysts found that the IP address, hosted through an online service called Worldstream, traced back to previous Iranian hacking activity, the sources said.
Either their geeks aren’t worth spit or our geeks are really that much better. I tend to believe the latter.
Links to the video were also shared on Twitter and Facebook. One Twitter account, named “Trump Soldier,” posted the link to the video with the comment, “It seems they hacked voting system.” Twitter says they acted quickly “to proactively and permanently suspend a small number of accounts and limit the sharing of media specific to this coordinated campaign.” Facebook also banned accounts posting links to the fake video.
I can’t believe the Iranians deliberately set out to get caught. They were hoping that their identity would be hidden far longer while the smear of the Proud Boys lingered. Either we got very lucky or we were really that good this time. You hate to think what other foreign influences are at work trying to affect the election.