How to stop the ‘Downeast Boat’ Hackers
Posted On July 17, 2021
In early August, a hacker called Downeast Boat began attacking websites across the country.
The group was called “DBS” and it was based out of Florida, according to a cybersecurity report from security firm FireEye.
The hacktivist group also published information about its targets, including Social Security numbers, birth dates, and email addresses, FireEye said.
The information, which was shared with law enforcement, was then passed on to the FBI and US Capitol Police.
As a result of that, the FBI obtained a warrant to search the group’s servers, the report said.
According to the report, the group made at least two attempts to penetrate a federal website, and in the process breached the organization’s systems and stole sensitive data.
“The DBS attack was a big threat to the federal government,” said David Segal, senior research analyst at FireEye, who reviewed the group and its operations.
“If we can identify their methods, we can stop them.”
In late September, the hackers attempted to break into a federal network in Arizona, but they were thwarted.
According to the report from FireEye and a statement from the FBI, DBS was targeting federal employees and contractors.
But, the cybersecurity firm said, the attackers had little to no knowledge of cybersecurity practices and were using a “poor-quality botnet” that allowed them to compromise servers remotely.
“These groups are targeting the most vulnerable government employees, federal contractors, and law enforcement personnel in the US,” Segal told CNNMoney.
“They are very skilled and have access to large amounts of information.”
He added that the hackers are also looking to break into other government networks in the United States, as well as foreign nations.
The cybersecurity firm also said that the group has been active for several years.
“Their malware can be distributed through spam email addresses and phishing attacks,” Segal said.
“That’s where they have a high volume of targets.”
The group also targeted the government’s computer networks in South Africa, China, Japan, Russia, the United Arab Emirates, Turkey, Germany, and India, according to the FireEye report.
The FBI and law enforcers have said that they are working with other countries to investigate the hackers.
In September, it was revealed that the FBI had uncovered a massive computer network used by the hackers, which included more than 2,700 compromised systems and hundreds of thousands of compromised credentials.
“There is no evidence that the cybercriminals responsible for the DBS breach are affiliated with any nation-state or terrorist group,” FBI Director Christopher Wray said in a statement at the time.
“However, we will continue to aggressively pursue any links to these cybercriminals, as we have with the DNC breach, and will continue working closely with the Department of Homeland Security and the Cybersecurity Coordination Office to coordinate the investigation and takedown of the cyber criminals.”