DNC hacker Guccifer 2.0 denies Russian links and mocks security firms

The DNC breach exposed confidential files, including campaign and foreign policy documents


The hacker who claims to have breached the Democratic National Committee’s networks is trying to beat back accusations that he’s linked with the Russian government.

The intrusion, which stole confidential files from the DNC, was his “personal project,” hacker Guccifer 2.0 said in a Thursday blog post.

Security firms and the DNC may be trying to blame the attack on Russia, but “they can prove nothing!” Guccifer 2.0 added.

“All I hear is blah-blah-blah, unfounded theories, and somebody’s estimates,” he wrote.

Guccifer 2.0 appeared on the web just a day after the DNC revealed it had been hacked. To prove he was behind the breach, the hacker began posting the files he stole. These included opposition research on presidential candidate Donald Trump, along with donor lists and foreign policy files.

He claims to be Romanian and says he acted alone. But not everyone believes him. Some security researchers suspect Guccifer 2.0 may be a “smokescreen” to divert attention away from the real culprits, who may have been expert hacking teams based in Russia.

A key piece of evidence has been the malware used to breach the DNC. This same malware has been linked to two separate Russian hacking teams, codenamed Cozy Bear and Fancy Bear.

But on Wednesday, Guccifer 2.0 tried to pour cold water on that theory. Ideas about “almighty Russian hackers” are a myth, he said.

“I’d like to reveal a secret to all those cool IT-specialists: All the hackers in the world use almost the same tools,” he said. “You can buy them or simply find them on the Web.”

He broke into the network using a little-known vulnerability found in the DNC’s software, he added.

“The DNC used Windows on their server, so it made my work much easier,” he said. “I installed my trojan-like virus on their PCs. I just modified the platform that I bought on the hacking forums for about $1.5k.”

Security firms also suspect that the DNC breach was an intelligence gathering operation for Russia. But Guccifer 2.0 disputed that as well, saying it was hacktivism.

However, Guccifer 2.0 said he had no “sympathies” for any candidates in the U.S. presidential election. He called Democrat Hillary Clinton a “slave of moguls.”

Republican Trump, on the other hand, is more sincere, but his ideas on U.S. immigration are “nonsense,” the hacker added.

By stealing files from the DNC, Guccifer 2.0 said he hoped to be like his heroes, including noted leakers Edward Snowden and Julian Assange.

Whether or not he is telling the truth, however, is fodder for debate. 

Guccifer 2.0 could, indeed, be part of a misinformation campaign to cover the hackers' tracks, said Rick Howard, chief security officer for Palo Alto Networks.

"On the other hand, I don't know why [the hackers] would bother," he added. "Who cares? Governments have been stealing stuff from victims forever. Why would they need a misinformation campaign?"

Other security experts have said that Guccifer 2.0 could be multiple people, pretending to be one user. The malware used in the DNC breach is actually relatively rare, said Michael Buratowski, a senior vice president with Fidelis Cybersecurity.

This story has been corrected to clarify a paraphrased comment by Rick Howard of Palo Alto Networks.
