'Guccifer 2.0' claims glory for DNC Hack, more documents leaked.

News by Max Metzger

A hacker named Guccifer 2.0 has come out to claim responsibility for the recent hack on the Democratic National Committee

A hacker claiming access to the servers of the Democratic National Committee (DNC) has posted more internal documents. Guccifer 2.0 has claimed responsibility and added that it was him and only him who sat, toadlike on the DNC's servers for years while harvesting “many thousands” of documents from the party.

This news carries on from earlier this week, when an ‘opposition' dossier was leaked from the Democratic party. Originating from the same hack, the document details the lines along which to publically oppose Donald Trump, the soon to be confirmed, but divisive presidential candidate for the Republicans in this year's election.

Guccifer 2.0 says that this is just a taste of the thousands of email and files taken from Democratic party servers. The rest have been passed on to Wikileaks and are due to be released in the near future. Julian Assange, the founder of Wikileaks, claimed earlier this week that the organisation had enough leaked evidence on Hillary Clinton for an indictment to be issued, although, he added he doesn't think Attorney General Loretta Lynch would seek to prosecute the Democratic candidate.

Crowdstrike, an endpoint protection and threat intelligence company, was called in by the DNC to take a closer look at the hack.  The hack in question goes back to two separate breaches, one in summer 2015 and another in April this year.

The company concluded that this was the work of two distinct Russian hacker groups, Fancy Bear and Cozy Bear, both of which Crowdstrike characterised as “sophisticated”.  CrowdStrike's disclosing blogpost said that “our team considers them some of the best adversaries of all the numerous nation state, criminal, and hacktivist/terrorist groups we encounter on a daily basis”.

Both of the groups have several high-level scalps to their name. Fancy Bear is also known at Sofacy, Pawn Storm and APT 28 among many other names. Cozy bear, also known as APT 29 has successfully got into the networks of the White House and the Joint Chiefs of Staff.

Both groups are suspected to have close ties to the Russian government and clearly act in line with, if not directly following Russian geopolitical objectives.

“Overall, I would argue that this is consistent with a pattern of activity that includes TV5 Monde and the Ukrainian power grid”, Ewan Lawson, a cyber-warfare specialist and Royal United Services Institute fellow told SCMagazineUK.com, highlighting other attacks linked to russian proxies.

He noted, “that the Russian government denied it was them and it would be unsurprising if they hadn't used a proxy which provides them with sufficient obfuscation and deniability. The question is really the extent to which they direct those groups that they use like ATP 28.“

The other question is how finely these groups are directed: “The other issue with this pattern of activity is to wonder whether there are any limits. Even if the Russian government has limits, does it have sufficient control over its proxies to enforce them?”

Guccifer 2.0 quickly balked at Crowdstrike's claims, saying that he was, “very pleased the company appreciated my skills so highly,” but, “in fact, it was easy, very easy”, before releasing more samples of documents taken from DNC servers.  

The new documents released appear to show major democratic donors including the United Association of Plumbers and Pipefitters, who donated nearly US$ 3 million (£2.1 million)

While organised labour figures prominently in this leaked list of heavy hitters. The leak also appears to name several high profile figures in American public life from the entertainment, media and tech sectors. Such names include Jeffrey Katzenberg, the CEO of Dreamworks animations and Fred Eychaner, the chairman of Newsweb corporation, both of whom made donations in the millions and are known supporters of the Democratic party. Also included was actor, and go-to voice of god, Morgan Freeman, who donated US$1 million dollars ($700,000).

Included in the leaks are a list of Democratic party luminaries and whether or not they donated to Hillary Clinton's political action committee, Hilary for America. Included in that list are people such as Madeleine Albright, a prominent supporter and Secretary of State under Bill Clinton.

Also published was a dossier, dating back to at least 2008, which appears to be a list of proposed national security policies to enact in the first 100 days of Barack Obama's presidency.

Whether or not these documents are legitimate or not has yet to be proven.

It is not quite clear who Guccifer 2.0 really is. However, the name has been used before by Marcel Lazar Lehel, a Romanian hacker known to be involved in a series of high level breaches on government officials. He first came into the public eye in 2013, by hacking into the AOL account of Sidney Blumenthal, a close associate of Bill Clinton.

Last month, after being extradited to the US, Lehel plead guilty to two counts, one of unauthorised access to a protected computer and another of aggravated identity theft. That same month,  Lehel claimed to have hacked into Hillary Clinton's private email servers, characterising it as  “an open orchid on the internet”. He will be sentenced in September.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews