Fortinet has detected an increase in activity on the Darknet, a hidden part of the Internet where much of the illegal activity is carried out, focused on the November 5 US presidential election, the cybersecurity company announced today.
Phishing schemes targeting voters, malicious domains posing as candidates, and other threats designed to exploit unsuspecting victims are gaining prominence as the election approaches, according to Fortinet’s “Fortiguard Labs Threat Intelligence Report: Threat Actors Targeting the 2024 US Presidential Election.”
The report examines threats related to entities in the US and the electoral process.
The findings include phishing schemes targeting voters ahead of the presidential election, with threat actors selling phishing kits available on the darknet designed to target voters and potential donors by impersonating presidential candidates and their campaigns, and an increase in malicious domain registrations.
According to the data, each phishing kit is selling for $1,260 (about €1,165 at the current exchange rate).
“Since the beginning of 2024, more than 1,000 new potentially malicious domains have been registered, following specific patterns and incorporating content related to the elections and candidates, suggesting that threat actors are taking advantage of the heightened interest around the election to lure unsuspecting targets and potentially carry out malicious activities,” the document reads.
Additionally, “billions of U.S. records are for sale on darknet forums, including Social Security numbers, personally identifiable information (PII), and credentials that could be used in disinformation campaigns, as well as for fraudulent activities, phishing schemes, and account takeovers.”
About “3 percent of darknet forum posts involve databases related to corporate and government entities,” the report says, noting that “FortiGuard Labs researchers have seen a 28 percent increase in ransomware attacks against the U.S. government year over year, based on the sites they observed.”
“As the 2024 US presidential election approaches, it is critical to recognize and understand the cyber threats that could affect the integrity and trust in this electoral process and the well-being of the citizens involved,” said Fortinet’s chief security strategist and VP of global threat intelligence, quoted in a statement.
“Cybercriminals, including state-sponsored actors and hacktivist groups, are increasingly active in the run-up to an event of this magnitude. Staying alert, identifying and analyzing potential cyber threats and vulnerabilities is crucial to preparing for and protecting against malicious strategies that could exploit this critical moment to disrupt or influence the election results,” he added.
This report provides an analysis of threats observed from January to August 2024 and seeks to examine the broad set of cyber threats that could affect US-based entities and the electoral process, the statement reads.
Leave a Reply