Donald Trump’s and Hillary Clinton’s presidential campaign websites each sustained cyberattacks on the eve of Election Day, waged with the same malware responsible for recent internet disruptions around the world, researchers said Monday.
Flashpoint, a New York-based cybersecurity company, said attackers waged a total of at least four, 30-second distributed denial-of-service (DDoS) attacks against the candidates’ websites on Sunday and Monday this week in a series of unsuccessful attempts aimed at knocking either offline.
Amid a row between U.S. and Russia amplified by recent computer intrusions blamed on Moscow, Flashpoint’s researchers said the recent attacks likely weren’t the workings of a nation-state hackers, however, and instead attributed the attempts to “unsophisticated actors.”
A website associated with Mr. Trump, the Republican nominee for president, was attacked once on Sunday and then repeatedly over the course of several minutes on Monday, Flashpoint said. The last of the attacks against Mr. Trump’s website on Monday coincided with the launch of a separate attack against a website associated with Mrs. Clinton, his Democratic rival, according to Flashpoint.
“While each of these attacks appear to be distinct and powered by different groups, they were all perpetrated using Mirai-based botnets,” said Flashpoint.
Mirai is a specific strain of malicious software, or malware, that recently came to the attention of security researchers after being used to caused widespread internet disruptions in North America and Europe last month.
By infecting internet-connected hardware like digital video recorders and webcams with the malware, hackers can create large networks of compromised devices, or “botnets,” that can then be harnessed to wage wide-scale DDoS attacks in which a targeted computer is overloaded with bogus internet traffic in an bid to briefly render it inaccessible to legitimate users.
Researchers said previously that potentially millions of internet-ready cameras were compromised to form botnets used last month to target Dyn, a U.S.-based internet company that maintains a widely used online directory service known as a Domain Name System, or DNS. The subsequent DDoS attack against Dyn resulted in internet problems in multiple countries and prompted a response form the White House, among other federal agencies.
Hackers have since released the malware’s source code, in turn leading to a proliferation of Mirai-based cyberattacks being waged against an array of targets with varying success. According to Flashpoint, however, the actors behind the recent attacks against the Trump and Clinton campaigns were incapable of causing any real disruptions.
“So far, these DDoS attacks been limited to the nominees’ website infrastructure and have not targeted — nor affected — any infrastructure associated with the actual electoral process,” Flashpoint said Monday. “This attack, in addition to other more powerful, higher-profile attacks associated with the Mirai botnet, all align closely with tactics, techniques and procedures commonly executed by hackers operating from underground forums.”
“While attacks against websites may cause minor challenges for the respective candidates’ campaign operations, they will not directly impact the final vote count in the presidential election on November 8. Flashpoint will continue to monitor the Mirai botnet for further developments,” it said in a statement.