Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Stay on top of the latest market trends
Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.
Sports news worthy of your time
Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.
Tech news worthy of your time
Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.
Get the inside stories
Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Want a daily digest of the top Denver news?
Get a daily digest of the most important stories affecting your hometown with Axios Denver
Want a daily digest of the top Des Moines news?
Get a daily digest of the most important stories affecting your hometown with Axios Des Moines
Want a daily digest of the top Twin Cities news?
Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities
Want a daily digest of the top Tampa Bay news?
Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay
Want a daily digest of the top Charlotte news?
Get a daily digest of the most important stories affecting your hometown with Axios Charlotte
Photo illustration: Jaap Arriens/NurPhoto via Getty Images
The latest Mueller indictment names the Russian intelligence agents behind the Guccifer 2.0 persona, the public face of the cyber break-in at the Democratic National Committee.
The big picture: Though the WikiLeaks email leaks got nearly all the attention, other press outlets — including The Hill, The Smoking Gun and Gawker — also received leaked documents from the hackers of the Democratic National Committee and Democratic Congressional Committee. Guccifer 2.0 was the persona used to leak those documents to the press — including me, then a reporter at The Hill.
Flashback:
- Guccifer 2.0 also released a smaller amount of documents on his own Wordpress blog.
- He interacted with people over Twitter direct messages, including — famously — Trump confidant Roger Stone.
- New in the indictment, he also provided documents to a U.S. congressional candidate about his opponent.
- We knew, from the files leaked to The Hill, that Guccifer 2.0 had stolen recruitment documents when the Democrats searched for candidates to run in various elections.
Who he is: Guccifer 2.0 borrowed his name from Guccifer, a famous Romanian hacker that struck celebrities — including Clinton insiders — in the past. The original Guccifer was obsessed with linking victims to the Illuminati.
- Guccifer 2.0 claimed to be from Romania and ended his first WordPress post "F*ck the Illuminati and their conspiracies." He soon dropped the Illuminati schtick.
- Guccifer 2.0's first leaks came immediately after a Washington Post story attributed the DNC hack to Russia, and most experts believe that the persona was an attempt to salvage what they could out of a blown operation.
What we know: Guccifer 2.0 always presented himself as a single apolitical hacker. It was pretty clear to most people who chatted with him that Guccifer 2.0 was actually more than one person. It was also fairly clear from security research, intelligence reports and the documents he selected for leaks that he was largely interested in sandbagging the Democratic campaign nationally, and especially in swing states.
Based on the indictment:
- We now know who made up the team that procured and leaked the documents — Viktor Boris Ovich, Boris Alekseyevich Antonov, Dmitriy Sergeyevich Badin, Ivan Sergeyevich Yermakov, Aleksey Viktorovich Lukashev, Sergey Aleksandrovich, Nikolay Yuryevich Kozachek, Pavel Vyacheslavovich Yershov, Artem Andreyevich Malyshev, Aleksandr Vladimirovich Osad Chuk, Aleksey Aleksandrovich Potemkin and Anatoliy Sergeyevich Kovalev.
- Russian intelligence operatives ran searches of several of the phrases in Guccifer 2.0's first WordPress post hours before the post went live, implying some kind of advance knowledge.
- One reporter who received documents — not me — asked about timing of when to publish.
The fallout: Washington Post columnist Josh Rogin tweeted after the Russia indictment that "American reporters who took stories from Guccifer 2.0 or DC Leaks have to wonder if they weren't used as a tool of a foreign military intelligence operation against our country."
- We did wonder about that. At The Hill, we always tried to make it clear that Guccifer 2.0 was likely a Russian asset. We never published full documents — though we did summarize some — and only printed stories we believed explained some aspect of Russia's intent with the campaign.
- With Kevin Collier, I was one of two reporters who had ThreatConnect perform forensic analysis on emails from Guccifer 2.0 that ultimately determined he used a Russian anonymity service known as a VPN. (I scrubbed the emails of any identifying information other than the IP address to protect my source's anonymity).
- The first reporter to conduct an interview with Guccifer 2.0, Motherboard's Lorenzo Franceschi-Bicchierai, quickly established that Guccifer 2.0 did not speak Romanian.
Go deeper: