Guccifer 2.0's schoolboy error reveals he's hacking from Moscow

Graham CLULEY

March 23, 2018

Guccifer 2.0, the notorious hacker who is alleged to have compromised the computer systems of the Democratic National Committee (DNC) and stolen opposition research on Donald Trump, has accidentally tipped his hand that he was working for Russian intelligence.

Back in 2016, Guccifer 2.0 denied being Russian or working for Russia in online interviews and claimed (somewhat unconvincingly) to come from Romania.

But, as The Daily Beast now reports, the so-called “lone hacker” was in fact an officer with Russia’s military intelligence division (GRU).

Why do they say that? Well, it appears that the self-proclaimed independent hacker from Romania may have forgotten to enable his VPN client on one occasion, and “left a real, Moscow-based Internet Protocol address in the server logs of an American social media company, according to a source familiar with the government’s Guccifer investigation.”

That IP address was then tied to the GRU’s headquarters in Moscow.

According to the latest report, the US government believes that at some point Guccifer 2.0’s activities were taken over by a GRU officer with more experience. This has been speculated on before, after it was observed that whoever was working behind the Guccifer 2.0 moniker had stopped making so many sloppy mistakes and appeared to have turned into a more professional leaker of information.

Robert Mueller, who is heading the probe into possible collusion between Donald Trump’s presidential campaign and Russia, is said to have brought FBI agents who investigated Guccifer 2.0 onto his team. The news of Guccifer’s link to Moscow is unlikely to dampen the belief that Russia attempted to interfere in the US election, and will raise more questions about possible connections between the Trump campaign and Russia.

Attributing attacks reliably is notoriously difficult, but it turns out it’s even harder to opsec properly. Whether you’re a good guy or a bad guy, if you care about your privacy online don’t do something careless like forget to turn your VPN on.
