Published July 28, 2016
The FBI is looking into a computer hack targeting a fundraising organization for Democrats running for Congress, according to published reports.
Reuters, citing four sources, reported Thursday that the intrusion at the Democratic Congressional Campaign Committee (DCCC) may be related to an earlier cyberattack on the Democratic National Committee.
A Democratic aide told the Associated Press that House Democratic leadership had been informed of the investigation.
The new report broke on the final night of the Democratic National Convention in Philadelphia. The opening of the gathering was overshadowed by Wikileaks' release of hacked emails showing DNC staffers supporting Clinton when they were publicly promising to remain neutral during the primary elections between her and rival Sen. Bernie Sanders.
The DNC emails led to committee chairwoman Debbie Wasserman Schultz stepping down the day before the convention kicked off.
Two sources told Reuters that the DCCC hack may have begun as recently as last month, when someone registered a spoof site whose name resembled that of a major DCCC donation website.
The sources said the IP address of the fake site resembled one used by a Russian government-linked hacking group. It was not immediately clear for how long Internet traffic linked to Democratic congressional campaign donations was directed to the spoof site.
According to Reuters, investigators believe that the purpose of the intrustion was to gather information about Democratic donors rather than to steal money.
Two cybersecurity firms analyzing the stolen DNC emails have said that they have found compelling clues pointing to Moscow when they analyzed the hackers' methods and efforts to distribute the stolen emails and other files. The hacker groups, identified by Crowdstrike as Cozy Bear and Fancy Bear, used different but sophisticated techniques to break into the DNC and try to avoid detection.
"Our team considers them some of the best adversaries out of all the numerous nation-state, criminal and hacktivist-terrorist groups we encounter on a daily basis," the company said.
Comparing the groups' tools, techniques and previous known targets, CrowdStrike said the groups were affiliated with Russia's civilian and military intelligence agencies.
The Associated Press contributed to this report.