The Russian bank known as Alfa Bank is claiming there has been a concerted effort to frame them for connections to the Trump Organization. They have stated that the United States based hackers have launched cyber attacks recently in their efforts to make it look as though there is some sort of untoward connection between the two parties.
According to cyber security experts, this sort of hack is actually a common prank that is pulled and not directly related to the activity discovered last year between the computer servers of Alfa Bank and the Trump Organization.
The servers first attracted attention last summer, when internet data indicated that a computer server operated by Alfa Bank had repeatedly looked up contact information for a computer serving that was used by the Trump Organization.
While Trump Organization is accustomed to communicating with companies from abroad, the amount of activity between the servers is what got the attention of the feds.
Alfa Bank believes the hack is meant to make it seem as if the Trump Organization is currently communicating with it, stating “the cyber attacks are an attempt by unknown parties to manufacture the illusion of contact” between the two entities.
In a statement, Alfa Bank said “the cyber attacks are an attempt by unknown parties to manufacture the illusion of contact” between Alfa Bank and the Trump Organization.
But even though the server connection was initially dismissed, the FBI’s counterintelligence team – the same one that is investigating Russia’s alleged hacking – is still looking into it.
Now Alfa Bank is claiming hackers are now trying to perpetuate suspicion by tricking the Trump Organization into sending communication toward the bank. They claim that the idea is that hackers are knocking on the Trump Organization server’s door figuratively speaking, but posting as Alfa Bank when doing so, this was the Trump server, in turn, sends a real and unsolicited response back to the bank.
They state the first attack happened on February 18, 2017, continuing with so-called “spoofed” signals for more than five hours on the Trump Organization, which in turn were directed back towards the bank itself. This attack was repeated and intensified on March 13.
The bank then made contact with the FBI, offering their “complete cooperation in finding the people behind attempted cyber attacks.” FBI officials corroborate this information. The Russian bank has not hired Stroz Friedberg, a New York cybersecurity firm to investigate the attempted hacking.
Leaked records show Alfa Bank servers repeatedly looked up the unique internet address of a particular Trump Organization computer server in the United States. That is tantamount to looking up someone’s phone number repeatedly in the computer world, While there is not a phone call being made, it does indicate an intent to communicate. But it was perplexing as to why a random Russian bank would be repeatedly looking up the contact info for mail1.trump-email.com.
According to public records that address is registered to the Trump Organization. The IP address goes back to a server operated by a company in the small rural town of Lititz, Pennsylvania. But for reasons currently unknown, from the dates of May 4 to September 24, Alfa Bank looked up this address for the Trump Organization more than 2,820 times. This is more lookups from any other source, with Alfa Bank representing 80% of the lookups.
Cybersecurity experts have found this to be EXTREMELY odd….and outsized. Paul V. Mockapetris, an American computer scientist who helped invent DNS, called this a “laughably small” attack that was likely done simply to “raise suspicions.”
Alfa Bank continues to investigate who is “behind this elaborate hoax.” The bank offered the simple analogy would be someone in the U.S. sending an empty envelope to a Trump office addressed to President Trump, but on the back of the envelope, the return address is Russia, instead of its own real address. Giving the impression based on a simple, cursory examination Alfa Bank has been receiving responses to queries it never actually sent.