Guccifer 2.0, the notorious hacker who is alleged to have compromised the computer systems of the Democratic National Committee (DNC) and stolen opposition research on Donald Trump, has accidentally tipped his hand that he was working for Russian intelligence.
Back in 2016, Guccifer 2.0 denied being Russian or working for Russia in online interviews and claimed (somewhat unconvincingly) to come from Romania.
But, as Daily Beast now reports, the so-called “lone hacker” was in fact an officer with Russia’s military intelligence division (GRU).
Why do they say that? Well, it appears that the self-proclaimed independent hacker from Romania may have forgotten to enable his VPN client on one occasion, and “left a real, Moscow-based Internet Protocol address in the server logs of an American social media company, according to a source familiar with the government’s Guccifer investigation.”
That IP address was then tied to the GRU’s headquarters in Moscow.
According to the latest report, the US government believes that at some point Guccifer 2.0’s activities were taken over by a GRU officer with more experience. This has been speculated on before after it was observed that whoever was working behind the Guccifer 2.0 moniker had stopped making so many sloppy mistakes, and appeared to have turned into a more professional leaker of information.
Robert Mueller, who is heading the probe into possible collusion between Donald Trump’s presidential campaign and Russia, is said to have brought FBI agents who investigated Guccifer 2.0 onto his team. The news of Guccifer’s link to Moscow is unlikely to dampen the belief that Russia attempted to interfere in the US election, and will raise more questions about possible connections between the Trump campaign and Russia.
Attributing attacks reliably is notoriously difficult, but it turns out it’s even harder to opsec properly. Whether you’re a good guy or a bad guy, if you care about your privacy online don’t do something careless like forget to turn your VPN on.