Guccifer 2.0? Lone Hacker Takes Credit for DNC Cyber Attack, Publishes Docs
'Hacktivists, possibly state-sponsored, now demonstrating intent—and capability—to influence elections," says Edward Snowden
This week's hacking of the Democratic National Committee (DNC) computer network "just became a big deal," according to whistleblower Edward Snowden: on Thursday, a lone actor took responsibility for the cyber attack previously blamed on Russia and published a series of documents allegedly extracted from DNC servers.
A hacker calling themselves "Guccifer 2.0"—after Guccifer, the currently jailed Romanian hacker who claims to have accessed Hillary Clinton's email server during her tenure as secretary of state—emailed documents to Gawker and the Smoking Gun that appear to be opposition research (pdf) on Republican frontrunner Donald Trump as well as lists of million-dollar-plus donations and donor contact information.
The hacker also published the documents on their blog.
Gawker reported that it "has not yet been able to verify that the Trump file was produced by the DNC, but we have been able to independently verify that the financial documents were produced by people or groups affiliated with the Democratic Party."
After stating that the attack was "easy, very easy" to accomplish, the hacker wrote in their email to the Smoking Gun that "Guccifer may have been the first one who penetrated Hillary Clinton's and other Democrats' mail servers. But he certainly wasn't the last. No wonder any other hacker could easily get access to the DNC's servers."
Guccifer 2.0 went on to claim that they accessed "many thousands" of documents from DNC servers, and that they gave WikiLeaks "all the rest."
The release of donor information appears to refute the claims of the DNC and its cyber security firm, CrowdStrike, which earlier this week said that no donor or financial documents had been breached.
"DNC chairwoman Debbie Wasserman Schultz said no financial documents were compromised," the hacker wrote on their blog. "Nonsense! Just look through the Democratic Party lists of donors!"
In response to Guccifer 2.0's posting, the DNC doubled down on the original claim that Russia was behind the cyber attack: "Our experts are confident in their assessment that the Russian government hackers were the actors responsible for the breach detected in April, and we believe that today's release and the claims around it may be a part of a disinformation campaign by the Russians," the DNC told Wired.
Dmitri Alperovitch, chief technology officer of CrowdStrike, also suggested to the Washington Post that Guccifer 2.0's release of documents "may be part of a 'Russian disinformation' campaign."
"We are exploring the documents' authenticity and origin," Alperovitch told the newspaper. "Regardless, these claims do nothing to lessen our findings relating to the Russian government's involvement."
"Some small signs do point to Russian involvement," Wired noted. "The PDFs posted by Gawker and the Smoking Gun contain error messages on several URLs that include Cyrillic characters and translate from Russian to 'error, invalid hyperlinks.'"
"Finding the perpetrator of a sophisticated hacker intrusion can be messy," as Wired observed. "Getting to the bottom of a vicious data breach at the center of a no-holds-barred presidential campaign is a full-on trainwreck."
Regardless of whether or not Russia is indeed behind the incursion, Edward Snowden pointed to the significance of the DNC hack on Twitter:
Significance is more than docs. Hacktivists, possibly state-sponsored, now demonstrating intent -- and capability -- to influence elections.— Edward Snowden (@Snowden) June 16, 2016