HackRead

Two arrested for Hacking DC Security Cameras Before Trump Inauguration

December 22nd, 2017 | Waqas | Cyber Crime, Hacking News

In February 2017, two people were arrested in the United Kingdom for hacking security cameras in Washington DC. Now, D.C. police have revealed their identities and said that the two suspects, both of Romanian origin, were arrested for hacking into security cameras and outdoor surveillance systems deployed by law enforcement. According to the police, the primary objective of the intrusion was to distribute ransomware.

The suspects, Mihai Alexandru Isvanca and Eveline Cismaru, were arrested with the cooperation of Romanian authorities during a wide-ranging operation in which five individuals have been arrested so far. The accused are alleged to have distributed Dharma and Cerber ransomware.


The United States Secret Service filed an affidavit [PDF] accusing the Romanian citizens Alexandru Isvanca and Cismaru of hacking into 123 of the 197 security cameras operated by the Metropolitan Police Department of the District of Columbia. These cameras were installed to monitor public areas throughout the city, and every camera was controlled by a separate computer.

According to the police findings, after hacking the security cameras the suspects compromised the computers controlling them and logged into those computers using a remote desktop protocol. The machines were then used to send spam emails through the bulk emailing service SendGrid. The ransomware was embedded in these emails in the form of a PDF file, and the spam was sent to 179,616 unique email IDs. The PDF file carried strains of Dharma and Cerber ransomware. When the victim clicked on the attachment, the ransomware was installed on the machine instantly.

The exploitation of computers owned by the Metropolitan Police started on January 9, and the department noticed the intrusion on January 12, when it was identified that some security cameras were disabled. The police then shut the system down for four days, until January 15th, and restored the systems' security during this time. All this happened a few days before the official inauguration ceremony of President Donald Trump. At the time, the attack was speculated to be the work of nation-state actors, but investigators later ruled this out.

The hackers were tracked so soon because they did not take the necessary measures to prevent detection, which is why the Secret Service was able to identify an email ID linked to a SendGrid account. This was the same account from which the spam emails were being sent. Moreover, the attackers left behind a text document containing the list of all email IDs targeted in this campaign.

Afterwards, the investigators acquired a warrant for two email IDs. One of these, david.andrews2005@gmail.com, was associated with the SendGrid account, while the second, anonimano027@gmail.com, was used to log into the computers connected to the security cameras. When the police identified direct communication between these accounts and another account, vand.suflete@gmail.com, it became easier to join the dots.

From the third account, a list of IP addresses, usernames and passwords was sent to one of the above-mentioned email IDs, and most of these IP addresses were linked with the Metropolitan Police Department's security cameras. A warrant was then acquired for vand.suflete@gmail.com, where investigators found emails containing PDF files with obfuscated ransomware, along with attack management control panels.

A further probe revealed that Isvanca had used his real name and contact information in the account recovery details of one of his email accounts, while Cismaru communicated with Isvanca from an account registered with her real identification information.
