The Democratic National Committee (DNC) has filed a civil complaint accusing Russia of trying to hack its computers as recently as November 2018. In its court filing, the DNC argues that not only did the campaign and several Trump operatives collude with Russia to steal electronic information, but that Russia was still attempting to hack DNC systems in the run up to last year’s midterm elections. The filing describes an alleged Russian cyberattack campaign that began in July 2015 and which stole information after a hack in April 2016, when the Russians allegedly placed proprietary malware known as X-Agent on the DNC network. It claims that they monitored the malware in real time and collected data including key logs and screenshots. Using malware called X-Tunnel, the hackers exfiltrated several gigabytes of DNC data over the following days to a computer located in Illinois leased by agents of Russia’s GRU military unit, it says. Russian operatives then placed a version of X-Agent on a DNC server in June that year and hacked DNC virtual machines hosted on Amazon Web Services (AWS) in September to steal voter data, the filing also alleges.
The DNC filing also accuses Russia of an ongoing campaign against the Democrats following the election, dating back to Robert Mueller’s 2017 appointment as head of the special counsel investigation into possible ties between the Trump campaign and the Russian Federation. Russia used multiple fake social media accounts to discredit Mueller as corrupt, the filing alleges, citing reports prepared for the Senate Intelligence Committee.
The DNC accuses Russia of trying to hack the network of Democratic Senator Claire McCaskill, along with the networks of two other midterm candidates, in 2017. They allegedly spoofed notification emails from McCaskill to her staff, asking them to visit a page purporting to be the US Senate’s Active Directory Federation Services (ADFS) login page.