Skip to main content

‘Guccifer 2.0’ Claims Responsibility for DNC Hack in First Interview


hacker via shutterstock  The cybersecurity firm hired by the Democratic National Committee to investigate the hacking of its computer systems continues to stand by its analysis that points the finger at Russian intelligences services as the likely culprit. However, last week a hacker appeared under the name “Guccifer 2.0” and claimed responsibility for the attacks, leaking sets of documents to two media outlets in an effort to show he is the man behind the hack. On Tuesday, Guccifer 2.0 not only leaked even more documents, but he also agreed to answer questions during a newly released interview.

In an interview with a Vice News staff writer over Twitter, the individual claiming to be Guccifer 2.0 said he was motivated by the original Guccifer, Marcel Lazar.

“Lazar began this deal and I follow him!” Gufficer 2.0 told Vice News.  “I think we must fight for freedom of minds, fight for the world without Illuminati.”

He refused to say whether he knew Lazar personally, however,

Guccifer 2.0 also described a little about himself and denied being a Russian or working for the Russian government, instead claiming to be “[f]rom Romania.”

“Guccifer 2.0:  I’m a hacker, manager, philosopher, women lover. I also like Gucci! I bring the light to people. I’m a freedom fighter! So u can choose what u like!”

He added, “… I don’t like the Russians or their foreign policy.  I hate being attributed to Russia.”

The report states Gufficer 2.0 claims he hacked the DNC in the summer of 2015 by using a vulnerability in DNC’s software provider, NGP VAN.  However, the article says there is “no evidence whatsoever that the hacker really broke through via NGP VAN.”

Guccifer 2.0 explained:

I used 0-day exploit of NGP VAN soft then I installed shell-code into the DNC server. It allowed me to intrude into DNC network. They have Windows-based domain architecture. Then I installed my Trojans on several PCs. I had to go from one PC to another every week so CrowdStrike couldn’t catch me for a long time. I know that they have cool intrusion detection system. But my heuristic algorithms are better.

The hacker claims he lost access to the DNC systems on June 12, 2016 when they were rebooted.

This access timeline somewhat matches the official report from CrowdStrike (the cybersecurity firm hired by the DNC), although the CrowdStrike report concluded two separate groups affiliated with the Russian intelligence services accessed the network at different times.  Furthermore, the report was released prior to this the Guccifer 2.0 interview.

When confronted with evidence that he left Russian metadata on a leaked document, Guccifer 2.0 claimed it was his “watermark.”  Attempts to speak to the hacker in his native Romanian also appear to have caused him frustration.  He would reportedly only respond in short sentences that were filled with grammatical mistakes and he finally told the interviewer, “Don’t waste my time.” When the interviewer attempted to speak to Guccifer 2.0 in Russian, the hacker claimed he needed to consult Google translate.

Guccifer 2.0 also claimed the DNC was not his only hack, saying, “Follow my blog and u’ll know! I can’t tell u now about all my deals. My safety depends on it.”

The report quotes an email from a “senior DNC official” that continues to place the blame for the hack squarely on the Russians.  Furthermore, the DNC official stated that Guccifer 2.0 was likely part of a Russian “disinformation campaign.”  The official wrote:

[O]ur experts are confident in their assessment that the Russian government hackers were the actors responsible for the breach detected in April, and we believe that the subsequent release and the claims around it may be a part of a disinformation campaign by the Russians.

As previously mentioned, CrowdStrike also stands by its original analysis that concluded the Russian intelligence services were behind the hack.

As for Guccifer 2.0, he left his interviewer hanging after another question (in Romanian) about whether anyone else was present with him when he accessed the DNC computer system.



Have a tip we should know? [email protected]

Filed Under:

Follow Law&Crime: