DNC hack, Guccifer 2.0, and Russia: What we know and what we don’t
The appearance of Guccifer 2.0 appears to be an attempt to mislead reporters.
However, the picture got much clearer when the Special Counsel investigating Russian interference in the 2016 election charged 12 Russian nationals with the data breach and identified Guccifer 2.0 as a Russian actor.
Prior to that indictment, multiple security firms examining the breach confirmed that at least two cyberespionage units with ties to the Russian government successfully infiltrated the Democratic National Committee, gaining access to countless internal memos and reports.
The suspiciously convenient involvement of a self-proclaimed “Romanian” hacker turned out to be nothing more than a ruse.
But prior to the indictments, the internet was awash in speculation. Below is what was known and unknown in the summer of 2016.
For roughly a year, a group of hackers had access to the computer systems of the DNC. CrowdStrike, a cybersecurity firm hired to analyze the breach, claims the Democrats had been targeted by at least two separate groups affiliated with Russian military intelligence. The firm had reportedly analyzed other breaches by both groups over the past two years.
The techniques and software employed during the breach have been attributed to Russian hackers by two additional cybersecurity firms, Fidelis and Mandiant. The two hacking groups, codenamed Cozy Bear and Fancy Bear, were likely unaware of each other’s presence in the DNC system, according to CrowdStrike.
A security researcher at Mandiant, an American firm based in Virginia, told the Washington Post on Monday that malware used in the DNC hack was previously used by “APT 28 and APT 29,” which are the firm’s codenames for Fancy Bear and Cozy Bear, respectively.
Whereas Fancy Bear is said to have compromised the network’s security as recently as April, immediately targeting opposition research on presumptive Republican nominee Donald Trump, Cozy Bear reportedly gained access to the DNC system last summer. Until about two weeks ago, Cozy Bear had full access to the party’s internal emails and chats.
It was Fancy Bear’s activity, the DNC says, that first alerted them to Cozy Bear’s presence in the network.
The anti-Trump playbook purportedly stolen from the DNC, which is apparently several months old, according to research by Gawker, revealed the party’s strategy for painting the now-GOP frontrunner as “a liar” who is “loyal only to himself.”
“Whether it’s American workers, the Republican Party, or his wives, Trump’s only fidelity has been to himself and with that he has shown that he has no problem lying to the American people,” the document reads. “Trump will say anything and do anything to get what he wants without regard for those he harms.”
Trump characterized the material as mostly inaccurate and accused the DNC of staging the breach itself. “We believe it was the DNC that did the ‘hacking’ as a way to distract from the many issues facing their deeply flawed candidate and failed party leader,” the Republican candidate said in a statement Wednesday.
CrowdStrike told the Post on June 14 that the unauthorized access was probably obtained by phishing, meaning DNC staff members most likely received deceptively crafted emails containing malicious files or links that allowed the hackers to break into the system.
Citing sources familiar with the government’s investigation, Bloomberg reported on Tuesday that hackers “sought data from at least 4,000 individuals associated with U.S. politics” over the course of seven months. The targets include, but are not limited to, the Democratic Party, Hillary Clinton’s presidential campaign, and the Bill, Hillary, and Chelsea Clinton Foundation.
A former White House cybersecurity official told Politico on Tuesday the leaked documents were a sure sign that “Putin’s security services are now trying to influence the U.S. presidential election,” calling the hack a “direct attack on our democracy.”
Dmitry Peskov, a Kremlin spokesperson, denied Russia’s involvement in a comment to Reuters last week. “I completely rule out a possibility that the [Russian] government or the government bodies have been involved in this,” he said.
Here’s where things get confusing.
An individual identifying themselves as “Guccifer 2.0” has taken credit for breaching the DNC’s network, though his appearance may be an attempt to muddy the attribution.
The purported hacker’s handle, Guccifer 2.0, is a reference to Marcel Lehel, aka “Guccifer,” a computer hacker extradited to the U.S. by Romania in April. Lehel pleaded guilty to a series of high-level cyberattacks targeting prominent political officials, among them former Presidents George W. Bush and George H.W. Bush.
As evidence of his or her involvement, the purported hacker published a trove of documents allegedly stolen from the DNC, including a list of donors who made large contributions to the Clinton Foundation—files that may prove useful to Trump in assailing the former secretary of state over her financial ties.
While the DNC has confirmed the hack, it remains unconfirmed whether the documents Guccifer 2.0 has released are legitimate.
Motherboard published an interview with Guccifer 2.0 on Tuesday in which the individual claimed to also be Romanian. However, the person communicating with Motherboard appeared to struggle with the language, fueling suspicions that the individual was misleading reporters.
The introduction of Guccifer 2.0 has given rise to speculation that Russian intelligence services are working to obfuscate the Kremlin’s involvement in the breach.
The alleged hacker claimed to have no affinity for Russia or its foreign policy—“I hate being attributed to Russia,” he told Motherboard—while claiming that Russian metadata contained in the leaked documents was intentionally created as a kind of personal signature.
To sum up: The DNC was hacked. Experts say the Russian government did it, while Russia denies everything. A lone hacker has claimed responsibility for the hack and began releasing documents that may or may not have been stolen from the DNC. Many believe Guccifer 2.0 is part of a ploy to divert attention away from Russia. Trump thinks the DNC orchestrated the hack itself.
Dell Cameron was a reporter at the Daily Dot who covered security and politics. In 2015, he revealed the existence of an American hacker on the U.S. government's terrorist watchlist. He is a co-author of the Sabu Files, an award-nominated investigation into the FBI's use of cyber-informants. He became a staff writer at Gizmodo in 2017.