The US agency charged with ensuring that voting machines meet security standards was itself penetrated by a hacker after the November elections, according to a security firm working with law enforcement on the matter.
The security firm, Recorded Future, was monitoring underground electronic markets where hackers buy and sell wares and discovered someone offering log-on credentials for access to computers at the US Election Assistance Commission, company executives said.
Posing as a potential buyer, the researchers engaged in a conversation with the hacker, said Levi Gundert, vice president of intelligence at the company, and Andrei Barysevich, director of advanced collection.
Eventually they discovered that the Russian-speaking hacker had obtained the credentials of more than 100 people at the election commission after exploiting a common database vulnerability, the researchers said.
The hacker was trying to sell information about the vulnerability to a Middle Eastern government for several thousand dollars, but the researchers alerted law enforcement and said Thursday that the hole had been patched.
Join Jerusalem Post Premium Plus now for just $5 and upgrade your experience with an ads-free website and exclusive content. Click here>>