Pierluigi Paganini October 16, 2018

Millions of voter records are available for sale on the Dark Web, experts discovered over 35 million US voter records for sale in a hacking forum.

Millions of voter records are available for sale on the Dark Web, experts from Anomali and Intel 471 discovered 35 million US voter records for sale in a hacking forum.

Researchers have analyzed a sample of voter records and determined the data to be valid with a high degree of confidence.

Records in the voter registration database include personal and voting history information of US residents.

“Certain states require the seller to personally travel to locations in-state to receive the updated voter information.” reads the post published by Anomali.

“This suggests the information disclosure is not necessarily a technical compromise but rather a likely targeted campaign by a threat actor redistributing possibly legitimately obtained voter data for malicious purposes on a cybercrime forum,” 

The seller only provided the number of records for the lists of voters belonging to three states asking for prices between $1,300 and $12,500.

• Louisiana (3 million);
• Wisconsin (6 million);
• Texas (14 million);

The seller also claims to have lists of voters for other states, including Montana, Iowa, Utah, Oregon, South Carolina, Wisconsin, Kansas, Georgia, New Mexico, Minnesota, Wyoming, Kentucky, Idaho, South Carolina, Tennessee, South Dakota, Mississippi, and West Virginia.

According to the seller, voting lists are weekly updated with the help of people in the state governments.

“Certain states require the seller to personally travel to locations in-state to receive the updated voter information.” reads a report published by Anomali Labs.

“This suggests the information disclosure is not necessarily a technical compromise but rather a likely targeted campaign by a threat actor redistributing possibly legitimately obtained voter data for malicious purposes on a cybercrime forum,” 

This kind of information it a precious commodity for threat actors, members of the forum already expressed their interest in the huge trove of data.

“With the November 2018 midterm elections only four weeks away, the availability and currency of the voter records, if combined with other breached data, could be used by malicious actors to disrupt the electoral process or pursue large scale identity theft,” explained Hugh Njemanze, chief executive officer of Anomali. 

The persistent access to voters records claimed by the seller represents a serious threat to US voters and for the US politics.

“Given the illicit vendor claims of weekly updates of voter records and their high reputation on the hacker forum, we assess with moderate confidence that he or she may have persistent database access and/or contact with government officials from each state.” concludes.

“These types of unauthorized information disclosures increasing the threat of possible disruptive attacks against the U.S. electoral process such as voter identity fraud and voter suppression.”

Pierluigi Paganini

(Security Affairs – voter records, Dark Web)

[adrotate banner=”5″]

[adrotate banner=”13″]