Information about NDC intrusion malware

The Security Consulting team here at Fidelis specializes in investigations of critical security incidents by advanced threat actors. Last week, after Guccifer 2.0 claimed responsibility for the intrusion into the Democratic National Committee’s (DNC) servers, we were provided with the malware samples from the CrowdStrike investigation. We performed an independent review of the malware and other data (filenames, file sizes, IP addresses) in order to validate and provide our perspective on the reporting done by CrowdStrike. This blog post provides a summary of our findings.