Russia-linked hackers tried to access Clinton’s email server
Hackers linked to Russia attempted at least five times to gain access to Hillary Clintonâ€™s private email account while she was secretary of state, according to emails released Wednesday.
Clinton originally received the infected emails, disguised as speeding tickets, over four hours on the morning of Aug. 3, 2011. The infected emails instructed recipients to print the attached tickets, which would have allowed hackers to take control of their computers.
It is unclear if Clinton clicked on any of the attachments and exposed her account to hackers.
“We have no evidence to suggest she replied to this email or that she opened the attachment,” Nick Merrill, a spokesman for Clinton’s Democratic presidential campaign told the Associated Press. “As we have said before, there is no evidence that the system was ever breached. All these emails show is that, like millions of other Americans, she received spam.”
Security researchers who analyzed the malicious software in September 2011 said the infected computers would transmit information from victims to at least three server computers overseas, including one in Russia
The virus was concealed as a speeding ticket from Chatham, New York, which was misspelled in the infected emails, and came from a supposed New York City government account containing a “Ticket.zip” file that would have raised a red flag.
A private-sector IT security researcher told Fox News on Wednesday that details associated with the five faux traffic ticket emails sent to Clintonâ€™s private account are in line with a U.S.-government aimed phishing campaign carried out by Russian-linked hackers during that same time period. The source, who was close to research of the malware used in that campaign, told Fox News that Russia-based hacking teams were targeting the State Department, specifically, by deploying a â€œblast approachâ€ of phishing emails.
The malware embedded in those attachments would allow hackers the ability to monitor communications, steal data, move laterally into the State Department network and possibly move to other government networks, the source told Fox News.
Most commercial antivirus software at the time would have detected the software and prevented users from infecting themselves, but it’s unclear if the State Department’s network security would have flagged the infected message, or if Clintonâ€™s private server would have caught it.
On Wednesday, a congressional source told Fox News that FBI Director James Comey started briefing select lawmakers on the status of the investigation into Clinton’s private server, and confirmed investigators are actively looking for evidence the server was compromised by a foreign entity or hacker.
According to the source, Comey also reassured lawmakers his “top people” are handling the investigation. Comey said no resource is being spared and his team is working “24/7” to determine whether classified information was compromised, the source said.
No evidence of a breach has been confirmed so far, Fox News is told.Â The discussion was part of an intelligence briefing.
Speaking to an annual intelligence conference in September, Comey was asked by Fox News whether he could assure the public that the high-stakes investigation would not be influenced by politics.
“I’m not going to comment, as we never do, on any particular investigation of ours,” Comey explained. “But I can assure the American people about this, I hope they already know it about the FBI, we are three things — we’re competent, we’re independent, and we’re honest. We do all of our work that way. We don’t give a rip about politics. We follow the facts where they lead us. We do our work professionally, and we also do it in secret so that we don’t jeopardize our ability to do it well.”
Security analysts and lawmakers previously have cited the risk of any top-level official using a private email account. Asked about Clinton’s email practices in a recent congressional hearing, National Security Agency Director Michael Rogers noted the use of a private email account by the foreign minister of Iran and Russia would present an “opportunity” for any spy agency.
As investigators continue their work, forensic computer specialists say any compromise of Clinton’s account would leave malicious code on the server that can be recovered.
And an intelligence source close to the investigation recently told Fox News that the FBI maintains “the highest degree of confidence” emails are being recovered, adding that “shadows and ghosts” were on the server after messages were deleted.
Asked if the investigation would conclude before the end of the year, the congressional source said Comey said he “shared the sense of urgency,” indicating the goal was to conclude before the full swing of the election cycle.
Fox News was told Comey emphasized his term as director is a fixed term of 10 years, implying he has the independence to pursue the investigation as any other.
The FBI has declined to comment, citing an ongoing investigation.
Fox Newsâ€™ Catherine Herridge, Matt Dean, and the Associated Press contributed to this report.