The Republican party in Wisconsin has alleged that hackers have stolen $2.3 million from one of their accounts that was being used to help re-elect President Donald Trump in the key battleground state, the party’s chairman told The Associated Press.
The party told AP they had noticed the suspicious activity on Oct. 22nd and contacted the FBI on Friday, according to Republican Party Chairman Andrew Hitt, Associated Press reported.
Hitt said the FBI is investigating the theft of millions of dollars. FBI spokesman Leonard Peace did not immediately return a message seeking comment to AP.
The attack comes as less than two weeks remain before Election Day, as both Trump and Democratic rival Joe Biden made their final push to win Wisconsin and its 10 electoral votes. In 2016, Trump won the state by fewer than 23,000 votes. Both Trump and Biden have planned to campaign in Wisconsin as the final days approach for the U.S. election. Polls have consistently shown a tight race in the state, with Biden ahead by single digits and within a margin of error.
Hitt further said he was not aware of any other state GOP being targeted by any similar hack, but state parties have previously been warned at the Republican National Convention this summer to be on the lookout for cyber attacks.
“We have been in contact with the state party and are assisting them through this process,” said Republican National Committee spokesman Michael Ahrens. “The RNC never left Wisconsin after 2016, and we are confident that our ground game and the millions we are spending on TV and digital will deliver us another win there in 2020.”
Hitt said the hackers had manipulated invoices when they were paying four vendors. The vendors were being paid for by direct mail for Trump’s reelection efforts as well as for pro-Trump items such as hats to be handed out to supporters. The invoices and other documents were altered so when the party paid them for the services, the money went to the hackers instead of the vendors, Hitt said.
The hack was discovered after a party official noticed that an invoice was generated, Hitt said.
Hitt stated it seems the cyber-attack began as a phishing attempt and no other data was stolen or compromised, said party spokesman Alec Zimmerman.
Last week the U.S. Department Of Homeland security (DHS) blamed Iran hackers for spoofed voter intimidation emails that were blamed on The Proud Boys. U.S. govenrment analysts and private sector investigators were able to rapidly attribute to Iranian hackers a wave of thousands of threatening emails aimed at U.S. voters because of mistakes made in a video attached to some of the messages, Reuters previously reported.
This also comes after Donald Trump’s re-election campaign website was hacked briefly pushing a Monero cryptocurrency scam in which hackers claimed to have sensitive data on Trump proving various conspiracies, Anewspost previously reported.
The notice posted on the site in broken English claimed to have proof that the Trump government was involved in the origins of the pandemic, and that Trump has been involved with “foreign actors manipulating the 2020 elections.”
It provided two Monero wallet addresses for visitors to send money to, allowing them to effectively vote on whether the hackers should release the incriminating evidence. One wallet was labeled with “Yes, share the data” and the other “No, do not share the data.”
A note on the website referenced a “deadline” after which the amount of funds in the two addresses would be compared, but provides no information on when the deadline is. It also showed a PGP encryption key which TechCrunch notes corresponds to an email address at planet.gov, a website that doesn’t exist.
It is unknown who is behind the recent hack of $2.3 million dollars at the time of this report. However, investigators are said to be investigating the million dollar theft and Trump’s campaign website hack.
In June, Google’s security researchers stated they had identified efforts by at least two nation state-backed hackers against the Trump and Biden presidential campaigns.
Shane Huntley, director for Google’s Threat Analysis Group, said in a tweet that hackers backed by China and Iran had targeted the campaigns using malicious phishing emails. However, Huntley added, there are “no signs of compromise,” and that both campaigns were alerted to the attempts.
Recently TAG saw China APT group targeting Biden campaign staff & Iran APT targeting Trump campaign staff with phishing. No sign of compromise. We sent users our govt attack warning and we referred to fed law enforcement. https://t.co/ozlRL4SwhG
— Shane Huntley (@ShaneHuntley) June 4, 2020
U.S. Director of National Intelligence John Ratcliffe said last week that both Russia and Iran have attempted to interfere with the 2020 election. Three sources told Reuters that U.S. intelligence is still determining who in Iran led the effort and the reason behind it, The Hill reported.