Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Russian President Vladimir Putin is seen through a Twitter logo in this photo illustration. (Photo: Jaap Arriens / NurPhoto via Getty Images)

In August 2016, John Bambenek, a former Republican state senate candidate in Illinois, launched his own clandestine investigation of Guccifer 2.0, the public face of the Russian cyber break-in at the Democratic National Committee. What Bambenek found was that the Guccifer 2.0 persona — believed to be a cover for Russia's military intelligence arm — reflected a more slapdash chapter in the operation to sow U.S. election chaos than usually presented.

Why it matters: In transcripts of Twitter messages that Bambenek shared with Axios, Guccifer 2.0 seemed to be either careless or indiscriminate, apparently failing to do even a cursory check on Bambenek, and with only a vague understanding of what he was sharing.

How it happened: In June 2016, the DNC told the Washington Post that hackers apparently working for the Russian government had penetrated its computer networks. The day after, Guccifer 2.0 surfaced with the first of a trove of stolen DNC documents, including a 231-page dossier on Donald Trump, the start of a drumbeat of leaks that would dog Hillary Clinton's presidential campaign until she ultimately lost in November.

Not long after, Bambenek approached Guccifer 2.0, asking for documents to help the Republican cause. "I knew I had a good chance of passing the Google test for being a Republican, and it came at a time when Guccifer was probably receiving many inquiries from the press," he told Axios.

  • The two agreed that leaking documents on Illinois state races to arrange "for maximum impact" might aid Guccifer 2.0's efforts.
BAMBENEK: Among other things I am a Republican operative.

GUCCIFER 2.0: what r u gonna do with the docs?

BAMBENEK: Well it depends on the document. Emails about meeting for lunch, who cares. Emails that can affect an election, well, they'd be used for maximum impact.

GUCCIFER 2.0: i'll let u know if i find any
— From the introductory DM conversation on Aug. 12, 2016
  • So began what would become a two-month correspondence with Guccifer 2.0 over Twitter direct message, ultimately netting leaks of apparent DCCC files profiling Illinois districts (he named himself 2.0, apparently attempting to piggy-back on a Romanian hacker who called himself Guccifer.).

The catch: Bambenek wasn't wearing a GOP hat while conducting the conversation. Instead, he was an executive at Fidelis, a Bethesda, MD, cybersecurity firm that, along with CrowdStrike, had quickly attributed the attack to Russia. Bambenek was more or less just continuing the investigation out of curiosity.

The FBI was in the loop: "Every [direct message] I sent, every [one] I received was turned over to the FBI immediately. I assumed they would have been monitoring the account to begin with," Bambenek said.

  • Though Guccifer 2.0 provided him exclusive documents, they focused on almost comedically non-competitive races.

Bambenek's interactions show Guccifer 2.0 was not a precision operation:

  • With any vetting — even just a glance at Bambenek's Twitter bio, which mentioned his role at Fidelis — Guccifer 2.0 could have easily discovered that Bambenek was not who he said he was.
  • The documents Guccifer 2.0 funneled to Bambenek concerned races in Illinois House districts 01 and 08, neither of them competitive. Illinois 01, the south side Chicago district represented by Democrat Bobby Rush, hasn’t elected a Republican since the Roosevelt administration. Illinois 08, Sen. Tammy Duckworth's old district, wasn't a much safer bet.
  • "They were dumping documents in places there were no real Republicans. Even if there was a there there, it’d have to be something extreme — Roy Moore extreme," Bambenek told Axios.

Though an issue in the Mueller investigation, the Guccifer 2.0 campaign appeared to lack the US political savvy that would have suggested coordination with a domestic expert.

  • At one point, Guccifer 2.0 lost track of who Bambenek was entirely and appeared unaware he was not currently running for any position.
GUCCIFER 2.0: what's ur interest in these docs? r u gonna get nomination?
BAMBENEK: Will take a look. What do you mean get nomination?
GUCCIFER 2.0: u r a republican, ain't u? may be u gonna become a senator :) i mean why r u interested in these docs?
— DMs on August 23, 2016.
  • At another juncture, Guccifer 2.0 complained that a reporter for the Wall Street Journal quoted him in a story. “[I] didn't think he gonna quote my words, he didn't warn me,” Guccifer 2.0 messaged. “It didn’t seem like he understood how the media worked,” Bambenek told Axios.

This was nothing new — Guccifer 2.0 never seemed to be a precision operation: While I was a reporter for The Hill, I corresponded regularly with Guccifer 2.0, who regularly leaked documents to me.

  • Guccifer 2.0 kept abreast of which articles mentioned him, but rarely appeared to read them. Articles regularly included descriptions of his deceptive cover persona and likely connections to Russia.
  • While the leaks targeted swing states, Guccifer 2.0's understanding seemed to stop there, amplifying publicly available voter data as well as long-resolved scandals.

The end: Guccifer 2.0 cut off contact after figuring out Bambenek's true employment (he has since changed jobs to the firm ThreatStop).

  • Bambenek held off announcing his interactions with Guccifer 2.0 until he was sure they were not a component of the FBI's Russia investigation, he said.
  • He said he will publicly describe his experiences with Guccifer 2.0 on Thursday at Kaspersky Lab's Security Analyst Summit in Cancun, Mexico.
GUCCIFER 2.0: r ur company gonna make a story about me? :)
BAMBENEK: Want me to?
— The last DMs between Bambenek and Guccifer 2.0.

Go deeper

Scammers seize on COVID confusion

Data: FTC; Chart: Sara Wise/Axios

Scamming has skyrocketed in the past year, and much of the increase is attributed to COVID-related scams, more recently around vaccines.

Why it matters: The pandemic has created a prime opportunity for scammers to target people who are already confused about the chaotic rollouts of things like stimulus payments, loans, contact tracing and vaccines. Data shows that older people who aren't digitally literate are the most vulnerable.

12 hours ago - Politics & Policy

Biden explains justification for Syria strike in letter to Congress

Photo: Chris Kleponis/CNP/Bloomberg via Getty Images

President Biden told congressional leadership in a letter Saturday that this week's airstrike against facilities in Syria linked to Iranian-backed militia groups was consistent with the U.S. right to self-defense.

Why it matters: Some Democrats, including Sens. Tim Kaine (D-Va.) and Chris Murphy (D-Conn.) and Rep. Ro Khanna (D-Calif.), have criticized the Biden administration for the strike and demanded a briefing.

14 hours ago - Health

FDA authorizes Johnson & Johnson's one-shot COVID-19 vaccine for emergency use

Photo: Illustration by Pavlo Gonchar/SOPA Images/LightRocket via Getty Images

The Food and Drug Administration on Saturday issued an emergency use authorization for Johnson & Johnson's one-shot coronavirus vaccine.

Why it matters: The authorization of a third coronavirus vaccine in the U.S. will help speed up the vaccine rollout across the country, especially since the J&J shot only requires one dose as opposed to Moderna and Pfizer-BioNTech's two-shot vaccines.