The hacker, who breached the DNC and masqueraded as a ‘lone’ Romanian hacktivist, made a key mistake: forgetting to activate his VPN client before logging on.
New cyber forensic evidence indicates that the hacker known as Guccifer 2.0, who has claimed responsibility for the 2016 Democratic National Committee hack, is an officer with Russia’s GRU military intelligence agency.
The Daily Beast reports that the hacker, who claimed to be a “lone” Romanian hacktivist, made a key mistake which revealed his actual identity: forgetting to activate his VPN client before logging on.
“As a result, he left a real, Moscow-based Internet Protocol address in the server logs of an American social media company,” The Daily Best reports, citing an unnamed source familiar with the government’s Guccifer probe. “Working off the IP address, U.S. investigators identified Guccifer 2.0 as a particular GRU officer working out of the agency’s headquarters on Grizodubovoy Street in Moscow.”
The news isn’t exactly a shock. The Department of Homeland Security and Office of the Director of National Intelligence in October 2016 said they were “confident” that the Russian government was behind the DNC hack. Their motive, according to the agencies: “To interfere with the US election process.”
But as The Daily Beast notes, the cyber forensic evidence of Guccifer 2.0’s identity “has substantial implications for the criminal probe into potential collusion between President Donald Trump and Russia.”
US Special Counsel Robert Mueller, who has been leading the government’s investigation of Russian interference with the 2016 election, last month indicted 13 Russian nationals for meddling. Mueller has also reportedly “taken over the probe into Guccifer and brought the FBI agents who worked to track the persona onto his team,” the report notes.
Roger Stone, a former advisor to the Trump campaign, has also had contact with Guccifer 2.0.