
Lone hacker claims responsibility for DNC breach, but fingers still point at Russia

Published Jun 17th, 2016 6:45PM EDT


Was a lone hacker behind the recent attack on the Democratic National Committee’s computers? An individual describing themselves as ‘Guccifer 2.0’ claimed responsibility for the hack in a blog post Wednesday, touting documents purportedly accessed in the attack.

But experts have been looking for clues about the mysterious self-described hacker, and suspicions still linger that the Russian government played a role in the DNC hack.

Citing security researcher Pwn All The Things, Ars Technica reports that metadata from one of the leaked documents indicates editing by someone using a computer configured to use the Russian language. Additionally, the document was edited by someone using the Russian translation of the computer name ‘Felix Dzerzhinsky,’ according to the research. A Russian revolutionary, Dzerzhinsky was also director of the Cheka, the Soviet secret police.
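The kind of metadata check described above can be reproduced on any Word document. The following is an added example, not code from the article or from the researcher it cites: it assumes an OOXML (.docx) package, which the article does not specify, and runs on a constructed sample file with a made-up Cyrillic editor name.

```python
import io
import unicodedata
import zipfile
import xml.etree.ElementTree as ET

NS = {"cp": "http://schemas.openxmlformats.org/package/2006/metadata/core-properties",
      "dc": "http://purl.org/dc/elements/1.1/",
      "w": "http://schemas.openxmlformats.org/wordprocessingml/2006/main"}
W = "{%s}" % NS["w"]

def scripts(text):
    """Unicode scripts of the letters in text, taken from each character's name."""
    return {unicodedata.name(c, "UNKNOWN").split()[0] for c in text if c.isalpha()}

def docx_metadata(data):
    """Pull identity and language fields out of a .docx supplied as bytes."""
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        core = ET.fromstring(z.read("docProps/core.xml"))
        styles = ET.fromstring(z.read("word/styles.xml"))
    creator = core.findtext("dc:creator", "", NS)
    editor = core.findtext("cp:lastModifiedBy", "", NS)
    # w:lang/@w:val records the proofing language the editing software applied
    langs = {el.get(W + "val") for el in styles.iter(W + "lang")} - {None}
    return {"creator": creator,
            "last_modified_by": editor,
            "languages": sorted(langs),
            "name_scripts": sorted(scripts(creator + editor))}

def build_sample():
    """Constructed sample package (not a real leaked file); names are invented."""
    core = ('<cp:coreProperties xmlns:cp="%s" xmlns:dc="%s">'
            '<dc:creator>Example Author</dc:creator>'
            '<cp:lastModifiedBy>Иван Иванов</cp:lastModifiedBy>'
            '</cp:coreProperties>' % (NS["cp"], NS["dc"]))
    styles = ('<w:styles xmlns:w="%s"><w:docDefaults><w:rPrDefault><w:rPr>'
              '<w:lang w:val="ru-RU"/></w:rPr></w:rPrDefault></w:docDefaults>'
              '</w:styles>' % NS["w"])
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("docProps/core.xml", core)
        z.writestr("word/styles.xml", styles)
    return buf.getvalue()

if __name__ == "__main__":
    for key, value in docx_metadata(build_sample()).items():
        print(key, "=", value)
```

These fields are written by the editing software and can be changed by anyone who edits the file, so they are a lead for an investigation rather than proof of origin.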


Pwn All The Things also pointed to a PDF-formatted version of the ‘oppo research’ on Trump published by Gawker a few hours before Guccifer 2.0’s blog post. Several broken web links in the document are said to contain an error message in Russian, possibly left over from conversion of the Word document into PDF on a computer configured for the Russian language.

Additionally, experts identified the blog post’s use of “))),” which is often employed to denote a smiley in Russia or Eastern Europe.

In the post, Guccifer 2.0 took a swipe at cybersecurity specialist CrowdStrike, which is working with the DNC to investigate the hack: “Shame on CrowdStrike: Do you think I’ve been in the DNC’s networks for almost a year and saved only 2 documents? Do you really believe it?”


Guccifer 2.0 also posted files purportedly showing Democratic party donors Wednesday and claimed to have extracted thousands of documents from the DNC networks.

Earlier this week CrowdStrike said that the sophisticated attack was conducted by “adversaries affiliated with the Russian government,” and identified the ‘Fancy Bear’ and ‘Cozy Bear’ groups as likely perpetrators.

The company still believes that these groups are behind the attack. “CrowdStrike stands fully by its analysis and findings identifying two separate Russian intelligence-affiliated adversaries present in the DNC network in May 2016,” explained CrowdStrike CTO Dmitri Alperovitch in a blog post Wednesday.


“Whether or not this [Guccifer 2.0] posting is part of a Russian Intelligence disinformation campaign, we are exploring the documents’ authenticity and origin,” he added. “Regardless, these claims do nothing to lessen our findings relating to the Russian government’s involvement.”

The DNC is also pointing its finger at Russia. “Our experts are confident in their assessment that the Russian government hackers were the actors responsible for the breach detected in April, and we believe that Wednesday’s release and the claims around it may be a part of a disinformation campaign by the Russians,” explained a senior DNC official. “We’ve deployed the recommended technology so that today our systems are secure thanks to a swift response to that attack and we will continue to monitor our systems closely.”

According to CrowdStrike, the hackers used advanced intrusion techniques to avoid detection and were looking for information in areas such as policy, political campaigns and strategies and foreign policy.


Kremlin spokesman Dmitry Peskov denied Russian government involvement in the DNC hacking incident.

In the blog post Guccifer 2.0 made reference to the Romanian hacker known as ‘Guccifer’ who claimed he easily breached Hillary Clinton’s email server. “Guccifer may have been the first one who penetrated Hillary Clinton’s and other Democrats’ mail servers,” the post reads. “But he certainly wasn’t the last. No wonder any other hacker could easily get access to the DNC’s servers.”

While the purported DNC opposition file on Trump generated plenty of attention this week, it did not appear to contain any bombshells. Fox News analyst Howard Kurtz described the information as a “big yawn” Friday.

Trump, in a statement released earlier this week, accused the DNC of inventing the “hack” to provide a distraction from Democratic candidate Hillary Clinton’s issues. The presumptive Republican Presidential nominee also downplayed the information contained in the DNC’s playbook. “This is all information that has been out there for many years. Much of it is false and/or entirely inaccurate,” he said.

Follow James Rogers on Twitter @jamesjrogers

The Associated Press contributed to this report.
