• Space/Science
  • GeekSpeak
  • Mysteries of
    the Multiverse
  • Science Fiction
  • The Comestible Zone
  • Off-Topic
  • Community
  • Flame
  • CurrentEvents

Recent posts

The "Publish" button RobVG January 19, 2025 11:10 am (GeekSpeak)

Of Milkvetch and Snail Darters RobVG January 19, 2025 10:56 am (Flame)

Anyone read "2001 a Space Odyssey" ? RobVG January 18, 2025 6:48 pm (Science Fiction)

Every day the record is broken. ER January 17, 2025 7:43 am (Space/Science)

Flip a coin BuckGalaxy January 16, 2025 4:41 pm (Space/Science)

More on Diamond Batteries BuckGalaxy January 15, 2025 12:29 pm (Space/Science)

LAFD: "Design For Disaster" - The Story of the Bel Air Conflagration | 1962 podrock January 14, 2025 8:34 am (CurrentEvents)

Tow the party line RobVG January 13, 2025 11:59 am (CurrentEvents)

AI created a diagram RobVG January 13, 2025 11:32 am (Off-Topic)

The population bomb is still ticking ER January 12, 2025 7:41 am (CurrentEvents)

Well here's a depressing opinion piece from one of my favorite columnists BuckGalaxy January 12, 2025 2:16 am (CurrentEvents)

It's getting personal BuckGalaxy January 9, 2025 3:15 pm (CurrentEvents)

Home » Flame

MacGuffin strikes back... October 9, 2018 6:31 pm RL

Was There a Connection Between a Russian Bank and the Trump Campaign?

The group was small—a handful of scientists, scattered across the country—and politically diverse. (Max described himself as “a John McCain Republican.”) Its members sometimes worked with law enforcement or for private clients, but mostly they acted as self-appointed guardians of the Internet, trying to thwart hackers and to keep the system clean of malware—software that hackers use to control a computer remotely, or to extract data. “People think the Internet runs on its own,” Max told me. “It doesn’t. We do this to keep the Internet safe.” The hack of the D.N.C. seemed like a pernicious attack on the integrity of the Web, as well as on the American political system. The scientists decided to investigate whether any Republicans had been hacked, too. “We were trying to protect them,” Max said.

Max’s group began combing the Domain Name System, a worldwide network that acts as a sort of phone book for the Internet, translating easy-to-remember domain names into I.P. addresses, the strings of numbers that computers use to identify one another. Whenever someone goes online—to send an e-mail, to visit a Web site—her device contacts the Domain Name System to locate the computer that it is trying to connect with. Each query, known as a D.N.S. lookup, can be logged, leaving records in a constellation of servers that extends through private companies, public institutions, and universities. Max and his group are part of a community that has unusual access to these records, which are especially useful to cybersecurity experts who work to protect clients from attacks.
….

As Max and his colleagues searched D.N.S. logs for domains associated with Republican candidates, they were perplexed by what they encountered. “We went looking for fingerprints similar to what was on the D.N.C. computers, but we didn’t find what we were looking for,” Max told me. “We found something totally different—something unique.” In the small town of Lititz, Pennsylvania, a domain linked to the Trump Organization (mail1.trump-email.com) seemed to be behaving in a peculiar way. The server that housed the domain belonged to a company called Listrak, which mostly helped deliver mass-marketing e-mails: blasts of messages advertising spa treatments, Las Vegas weekends, and other enticements. Some Trump Organization domains sent mass e-mail blasts, but the one that Max and his colleagues spotted appeared not to be sending anything. At the same time, though, a very small group of companies seemed to be trying to communicate with it.

Examining records for the Trump domain, Max’s group discovered D.N.S. lookups from a pair of servers owned by Alfa Bank, one of the largest banks in Russia. Alfa Bank’s computers were looking up the address of the Trump server nearly every day. There were dozens of lookups on some days and far fewer on others, but the total number was notable: between May and September, Alfa Bank looked up the Trump Organization’s domain more than two thousand times. “We were watching this happen in real time—it was like watching an airplane fly by,” Max said. “And we thought, Why the hell is a Russian bank communicating with a server that belongs to the Trump Organization, and at such a rate?”

One remarkable aspect of Foer’s story involved the way that the Trump domain had stopped working. On September 21st, he wrote, the Times had delivered potential evidence of communications to B.G.R., a Washington lobbying firm that worked for Alfa Bank. Two days later, the Trump domain vanished from the Internet. (Technically, its “A record,” which translates the domain name to an I.P. address, was deleted. If the D.N.S. is a phone book, the domain name was effectively decoupled from its number.) For four days, the servers at Alfa Bank kept trying to look up the Trump domain. Then, ten minutes after the last attempt, one of them looked up another domain, which had been configured to lead to the same Trump Organization server.

Max’s group was surprised. The Trump domain had been shut down after the Times contacted Alfa Bank’s representatives—but before the newspaper contacted Trump. “That shows a human interaction,” Max concluded. “Certain actions leave fingerprints.” He reasoned that someone representing Alfa Bank had alerted the Trump Organization, which shut down the domain, set up another one, and then informed Alfa Bank of the new address.

  • When the history of the collapse of American civilization is written... by ER 2018-10-09 18:58:07

    Search

    The Control Panel

    • Log in
    • Register