Submission: Malware Researchers Discover Russian Banks Talking to Trump's Private Servers (slate.com)
ewhac writes: After news broke of Russian hackers infiltrating the Democratic National Committee's servers, malware researchers decided to see if other politically motivated intrusions were taking place. Among others, they monitored DNS traffic relating to the Trump Organization, looking for evidence of intrusion. Instead, they discovered traffic from Russia that did not match the patterns typical of malware or botnets. Rather, the patterns looked like ordinary human-driven traffic, as one might expect from email being exchanged between servers — specifically, from servers operated by Russia's Alfa Bank. Further, Trump's server only accepted connections from a limited number of IP addresses. Even more curious, when the malware researchers reached out to Alfa Bank to inquire about the unusual traffic, but before speaking to the Trump campaign, the DNS entry for Trump's server was clumsily deleted. As one researcher put it, "The knee was hit in Moscow, the leg kicked in New York." Four days later, the Trump Organization registered a new DNS name for the same server; the first DNS lookup for that name came from Alfa Bank in Russia. While the evidence is not conclusive, it is undeniably suggestive that Trump has more than just an "arm's-length" relationship with Russia, and warrants further investigation.