18:58 GMT +329 June 2017
Live
    Clinton campaign manager John Podesta looks at a smartphone while aboard a plane at Westchester County Airport in White Plains, N.Y., Tuesday, Oct. 11, 2016, before traveling to Miami

    Revealed: How John Podesta's Email Was Easily Hacked

    © AP Photo/ Andrew Harnik
    US
    Get short URL
    93689308

    The latest Wikileaks release has revealed exactly how Hillary Clinton’s campaign chairman John Podesta’s gmail account was hacked, and the domain in the phishing email is from an island off the coast of of New Zealand.

    The 21st email release included the actual March 19, 2016, email which provided the hackers with Podesta’s password.

    Podesta had received an email claiming to be from Google, warning him that someone in Ukraine had obtained his password, and that he was required to change it. The form they linked to, however, was not from Google, but from a site mirroring the internet giant, which, after the password was unthinkingly reset within it, then sent his new password to the hacker.

    The phishing email came from no-reply@accounts.googlemail.com, which is not actually Google.

    The initial email read as follows:

    “Someone just used your password to try to sign in to your Google Account john.podesta@gmail.com.

    Details: Saturday, 19 March, 8:34:30 UTC
    IP Address: 134.249.139.239
    Location: Ukraine
    Google stopped this sign-in attempt. You should change your password  immediately.”

    It also included a link to the fake password reset, which was located at “myaccount.google.com-securitysettingpage.tk,” a simple observation that should have tipped the campaign off that the request was not real, as the domain.tk is from Tokelau, a small island off the coast of New Zealand, controlled by that country.

    “Sara, This is a legitimate email. John needs to change his password immediately, and ensure that two-factor authentication is turned on his account,” wrote Charles Delavan, a Hillary for America help desk staffer, to Sara Latham, Podesta’s chief of staff.

    Latham quickly sent a panicked email to Podesta, and copied the Hillary for America tech manager Michael Fisher, who, ironically, used to work at Google, and should have immediately known that the email was a simple phishing attack

    “The gmail one is REAL Milia, can you change — does JDP have the 2 step verification or do we need to do with him on the phone? Don't want to lock him out of his in box!”

    Based on the fact that we are now reading these emails, we can assume that Podesta took some ill-advised advice.

    Related:

    Clinton Campaign, US DoS Coordinated Email Scandal Response With AP - WikiLeaks
    WikiLeaks Releases 20th Batch of Clinton Campaign Chair Podesta's Leaked Emails
    WikiLeaks: Clinton's Team Noted She Looked 'Programmed' Reading Statements
    From WikiLeaks With Love?
    WikiLeaks: Clinton Campaign Manager Could Not Recall Her Position on Trade
    Tags:
    phishing, Hacking, Google, Hillary Clinton, Julian Assange, John Podesta, New Zealand
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik
    • Сomment