The epoch of political hacks. Macron headquarters documents leak: 9 GB of files

On the evening of May 5, 2017, one of the two presidential candidates of France, Emmanuel Macron, a day and a half before the decisive second round of elections , fell victim to a large-scale hacker attack . Unknowns have published about 9 GB of documents from the mailboxes of the election headquarters of the former investment banker and the Minister of Economy.

Links to EMLEAKS documents are published on Pastebin ( copy ).
')
Thus, the French politician became another victim of “political” hacks, when unknown people put confidential correspondence of politicians in free access: it began with the diplomatic mail of American diplomats on Wikileaks, then there was the US Democratic Party, Russian Prime Minister Dmitry Medvedev and other Russian politicians, and now a french presidential candidate.

Apparently, in today's information society, politicians can no longer have any secrets from the public.

It should be noted that prior to this leakage of documents, the protege of the former president, Macron, was considered the clear leader in the polls, significantly outperforming right-wing candidate Marin Le Pen, who favors withdrawal from the European Union, tough measures against migrants, against globalization and for France’s national revival in the style of “Make France is great again! ” According to the latest polls, Macron's rating was 62%. Over the past 50 years, polls differed from the actual election results, on average, by 3.9% .

The political movement of Macron confirmed the fact of hacking. “En Marche Movement! This evening was the victim of a massive and coordinated hacker attack, - said in an official statement . “Various inside information quickly spread through social media.” The movement said that the documents demonstrate the normal work of a political party, but in social media they are mixed with fake documents that sow "doubt and misinformation."


Electoral Accounting

Representatives of the British research firm Digital Forensic Research Lab believe that the initial distribution of documents and the hashtag #MacronLeaks was carried out by the ultra-right American nationalists, and then the wave was picked up by the key core of French supporters Marine Le Pen. Experts say that the first hashtag appeared on the Twitter of American activist Jack Posobiec (Jack Posobiec) (he himself says that he took links from the / pol / branch to 4chan and just invented the hashtag). An analysis of his twitter shows that Jack originally used the #MacronGate hashtag. According to statistics, it was American users who most actively spread the news in the first stage.



French Interior Minister warned French media journalists about caution when publishing details from En Marche confidential correspondence! Indeed, exactly one day before the official election day, the ban on publishing any information that may affect the result of voting begins. The publication of such information may lead to the institution of criminal cases, the minister said. Such a ban will be valid until the closing of the last polling stations on Sunday at 18:00 GMT.

Official statement En Marche! done yesterday at 23:56 local time, when there were four minutes before the ban came into force.

A detailed investigation of hacking has not yet been given. Vitaly Kremez, director of research for the American information security company Flashpoint, said that his review of the situation points to the work of the famous hacker group APT28 (Fancy Bear) , which specializes in cyber espionage.

Kremez said that in April, APT28 registered a number of domain names that are similar to the names of the official En Marche servers! Among them are onedrive-en-marche.fr and mail-en-marche.fr. These domains could be used to target mailings for phishing and install malware on computers, from which credentials could be removed for hacking mail servers En Marche! Kremez believes that this is a broader approach and a serious amount of effort than was shown by hackers during the intervention in the American election campaign.

In April, Trend Micro experts said that the attack on En Marche! in March, it was carried out by the same hacker group that conducted hacking of the mail servers of the US Democratic Party, that is, the hacker group APT28 (Fancy Bear).

References to published documents from the Pastebin document have already been deleted from archive.org, but there are undetectable magnet links . Some torrents, apparently, correspond to the contents of individual mailboxes:

• Pierrpersongmail.com.7z_archive.torrent (mirror: pierrperson@gmail.com.7z , 2.38 GB)
• langannerch_archive.torrent (mirror: langannerch.rar , 2.38 GB)
• quentin.lafay_archive.torrent (mirror: quentin.lafay.rar , 740.05 MB)
• Cedric.oen-marche.fr_archive.torrent (mirror: cedric.o@en-marche.fr.rar , 0.98 GB)
• Alaintourretgmail.com_archive.torrent (mirror: alaintourret@gmail.com.rar , 659.48 MB and cedric.o@_10-24.rar , 117.21 MB)
• Box_pierrpersongmail.com_archive.torrent (mirror: box_pierrperson@gmail.com.rar , 1.96 GB)
• xls_cedric_archive.torrent (mirror: xls_cedric.rar , 673 KB)
• Macron_201705_archive.torrent (mirror: Macron.rar , 568 KB)
• Mirror: gemplus.rar , 43.34 MB

Discussion of the documents goes to 4chan , but according to Posobetts, access to 4chan is already blocked from the territory of France.