Remote Desktop, but malware.
originally posted by: TheRedneck
a reply to: face23785
The maximum theoretical transfer rate to USB 2.0 is 60 MB/s, not 23. USB 3.0 has a maximum transfer rate of 640 MB/s, and USB 3.0 is becoming pretty common now. I would expect to see higher transfer rates if a USB was used. That does not mean USB was not used for the transfer, only that it wasn't used to maximum efficiency.
It actually sounds to me like a background transfer to another point in the LAN, probably to a server link closer to the router/switch. There again, one would think that in an organization as large as the DNC, someone would be watching data transfer rates. That kind of transfer for the amount of time it would have taken, not to mention the HDD usage, would have been like a flashing neon sign saying "HACKERS HERE!"
Someone wasn't looking, at the very least.
That brings up another issue... Phage showed where a remote access app was used to do the transfers... if more than one machine were used, more than one such app would be needed. We're not getting the whole story yet.
originally posted by: fleabit
It's cute that multiple intelligence agencies have said there is, without a shadow of a doubt, proof that the Russian government was involved in hacking
Astonishingly and often overlooked, the authors of the declassified ICA themselves admit that their “judgments are not intended to imply that we have proof that shows something to be a fact.”
originally posted by: fleabit
NO one is so stupid as to ask the Russian to hack the election during a televised event.. right? hmmm..
Yes, I know. I've pointed out several times that malware was involved.
In order to do a remote desktop operation, there must be software running on the remote machine. That indicates a serious breach of security right there.
That would be a lot of CPU usage/disk access for quite a long time.
Conclusion 4: The overall time to obtain the DNC files found in the 7z file was 14 minutes; a significant part of that time (13 minutes) is allocated to time gaps that appear between several of the top-level files and directories.
Surely you could have come up with a more colorful colloquialism, but the zipped files were not all that large. Less than a gig.
Ditto with free space on the drives; unless the machine that was being used simply had a massive amount of free disk space, those compressed files would eat up free space like a pig eating fresh slop.
Technical note: the size of the 7zip file is 711,396,436 bytes
Read the indictment, a lot is explained. But yes, the breach was discovered, too late.
Bottom line is that either someone was looking the other way (or actively helping) or the security on the servers was practically nil.
32. Despite the Conspirators’ efforts to hide their activity, beginning in or around May 2016, both the DCCC and DNC became aware that they had been hacked and hired a security company (“Company 1”) to identify the extent of the intrusions. By in or around June 2016, Company 1 took steps to exclude intruders from the networks. Despite these efforts, a Linux-based version of X-Agent, programmed to communicate with the GRU-registered domain linuxkrnl.net, remained on the DNC network until in or around October 2016. 33. In response to Company 1’s efforts, the Conspirators took countermeasures to maintain access to the DCCC and DNC networks.
The 23MB/s speed is the speed at which the zipped files were transferred off the system (as far as I've read).
Conclusion 7. A transfer rate of 23 MB/s is estimated for this initial file collection operation. This transfer rate can be achieved when files are copied over a LAN or when copying directly from the host computer’s hard drive.