A Ukrainian malware author who built the PAS Web shell—a PHP-based implant used to execute commands remotely on hacked systems—has turned himself in to Ukrainian authorities. He has been cooperating with the Federal Bureau of Investigation's probe into the apparent Russian hacking of the Democratic National Committee. The information provided by "Profexor" to Ukrainian investigators and the FBI reveals, in part, how hackers (who were apparently coordinated by a Russian intelligence agency) used a combination of purpose-built and community tools as part of what researchers have labeled as the threat group "APT 28," also known as "Fancy Bear."
"Profexor" has not been charged in Ukraine, as he didn't use his remote access tool himself for malicious purposes. He did offer a version of the remote access tool for free on his member-only website, but he also built custom versions and provided training for pay. One of his customers was someone who used the tool in connection with malware connected to Fancy Bear to establish a backdoor into the DNC's network.
originally posted by: jadedANDcynical
a reply to: burntheships
This is potentially huge.
Funny, Ukraine keeps popping up, makes one wonder does it not?
originally posted by: burntheships
a reply to: Xcathdra
Is it possible he gave the program to someone who
used it locally?
originally posted by: PlasticWizard
So this guy wrote the software that's available for download on the darknet? Like couldn't someone else have just used a copy?
Seems to me like they just arrested the guy for writing the software, maybe trying to pin the hack onto him to stretch out the investigation.
originally posted by: burntheships
a reply to: Xcathdra
Is it possible he gave the program to someone who
used it locally?
I suppose the other option could be they found a patsy?
originally posted by: burntheships
a reply to: Gothmog
Ok, next question. Is it possible he wrote it for
someone inside the DNC?
originally posted by: burntheships
a reply to: Gothmog
www.politico.com...
This report indicates that it was Hillary Clinton's
candidacy the hacker was backing!
www.abovetopsecret.com...
My thoughts are that these two separate reports are connected,
but as always I am open to correction.