A misspelling in an email sent earlier this year between members of Hillary Clinton’s failed presidential campaign may have resulted in the breach widely blamed with sidelining her recent White House bid, according to a new report.
Months before WikiLeaks began releasing thousands of stolen emails acquired from the inbox of Hillary for America chairman John Podesta, hackers sent dozens of malicious emails to members of Mrs. Clinton’s campaign, her tech adviser, Charles Delavan, told The New York Times for an article published Tuesday.
Crafted to resemble legitimate security warnings from Google’s help desk, the malicious messages instructed recipients to visit a website where they would be instructed to reenter their Gmail password as a supposed safety precaution.
Security researchers have tied that campaign to Russian hackers and believe Mr. Podesta’s account was compromised in this manner before his stolen emails were supplied to WikiLeaks for publication.
When WikiLeaks eventually began publishing Mr. Podesta’s stolen emails, leaked correspondence between staffers showed how the Clinton camp responded in the wake discovering one of these malicious messages in the chairman’s inbox on the morning of March 19, 2016.
As reported previously, the leaked emails indicate that Sara Latham, Mr. Podesta’s chief of staff, forwarded the purported Google warning to Mr. Delavan, the Clinton tech adviser, soon after it arrived.
“This is a legitimate email,” Mr. Delavan wrote back. “John needs to change his password immediately, and ensure that two-factor authentication is turned on [for] his account.”
Breaking his silence for this week’s Times article, Mr. Delavan said that he knew the message was bogus and that he meant to say that it was an “illegitimate” email. According to the newspaper, the typo was “an error that he said has plagued him ever since.”
Less than three months after Mr. Podesta and dozens of other Clinton staffers were targeted by the hacking campaign, researchers at SecureWorks, an Atlanta-based IT firm, said they had traced the attacks waged against the Democratic candidate’s team and others to a hacking group widely believed to be taking orders from the Russian government.
At some point after the purported security warning was sent to Mr. Podesta, either the Clinton chairman or an aide likely navigated to the bogus link they perceived to be “legitimate” and compromised his Gmail credentials.
SecureWorks said the bogus links sent to Mr. Podesta and other targets traced back to a server used to operate campaigns waged against various targets of interest to the Russian government, including the Democratic National Committee (DNC) and an assortment of Kremlin critics who have been the subject of similar cyberattacks.
“We are approaching the point in this case where there are only two reasons for why people say there’s no good evidence,” Thomas Rid, a professor at London’s King’s College who studied the campaigns, previously told Motherboard prior to Election Day. “The first reason is because they don’t understand the evidence — because the don’t have the necessary technical knowledge. The second reason is they don’t want to understand the evidence.”
The Republican chairman of the Senate Foreign Relations Committee, Bob Corker of Tennessee, said this week that lawmakers will hold open and classified briefings to determine for their own whether or not Russian hackers attempted to interfere in the 2016 White House race.
“We are going to systematically walk through the entire Russia issue and fully understand what has transpired,” Mr. Corker said Tuesday.