Guccifer 2.0’s Chats with BBC Reporter Newly Discovered

Mike Wendling of BBC News released a chat between him and Guccifer 2.0 in January 2017 that didn’t obtain much coverage. The chat has also not been archived or analyzed on, the Guccifer 2.0 research project. Here it is:

AP News recently cited this aforementioned BBC article and the DM attached above in its recent report from November 2017. That report noted that Guccifer 2.0 in the DM was thrilled that WikiLeaks had finally followed through, quoting Guccifer 2.0 as saying that “Together with Assange we’ll make america great again.”

The AP News article also notably made the following claim: “But there were signs of dishonesty from the start. The first document Guccifer 2.0 published on June 15 came not from the DNC as advertised but from Podesta’s inbox , according to a former DNC official who spoke on condition of anonymity because he was not authorized to speak to the press.

The official said the word “CONFIDENTIAL” was not in the original document .

Guccifer 2.0 had airbrushed it to catch reporters’ attention.” can respond to the new point about the first document and whether they believe it to be true or not. Keep reading RightSideNews for the latest updates.

Florida Journalist Has More DMs with Guccifer 2.0

Aaron Nevins Chat, from the New York Times.

Aaron Nevins recently divulged DMs with Guccifer 2.0 that do not appear on the Guccifer 2.0 research page, or in the Wall Street Journal (WSJ) article that first outed Nevins in May 2017 as the owner of Nevins runs the gossip site HelloFLA! and participated in an interview on the Viceland show CYBERWAR.

Nevins is videotaped sharing his DM messages with the host of the program on Season 2, Episode 2 of the program, entitled Who Hacked the DNC. While this alternative link does not have the resolution to show every word of the chat, the actual program in High Definition shows the unpublished chat, and is available on cable television still. The images that appears on the broadcast has a timestamp of 2:09 AM, even though the interview takes place during the day on a beach. However, a chat with identical words was published by the New York Times on December 13, 2016, also with the time stamp of 2:09 AM. It is likely then that Nevins did not actually login to his Twitter to present the show’s host his messages, and instead showed the aforementioned images, some of which were released by the Times.

The chat that Nevins presents simply features Nevins offering a Dropbox for Guccifer 2 to drop his files into. Guccifer 2.0 took 14 minutes, between 8/22/16 at 2:25pm and 8/22/16 at 2:39, to upload an as yet unknown amount of files, which would also fit into 6 emails of unknown size. Unlike the WSJ and archive, the chat also features timestamps, that correspond to a Monday, August 22nd afternoon.

The Nevins chat was also the target of Hannibal Moot of BullTruth Magazine, which noted the supposed anomalies of the WSJ published Nevins chat, in the same way he attacked Robbin Young’s DMs. Clearly now that Nevins has gone on record to show his chats on camera, and now that those chats clearly have timestamps unlike the ones released by the WSJ, some say it is clear that the BullTruth report contained more bull than truth. There is no word on whether BullTruth will publish a retraction.

In May 2017, the Wall Street Journal released several images of Nevins’ chats, like here, here and here. These were later republished by here.

HelloFLA is a site that considers itselfthe most sensational source for political gossip, rumors and news from insiders of the nation’s most infamous state!” Nevins has been labelled by the mainstream media as a “GOP operative” yet he does not appear to label himself such. Nevins publishes the website with the pseudonym Mark Miewurd (mark my word).

Newly Discovered Guccifer 2 Chat Shows He Was Wikileaks’ Source

An Associated Press (AP) journalist has released a chat with Guccifer 2.0. 

Raphael Satter released a previously unpublished chat he had with Guccifer 2.0, where Guccifer 2.0 stated, in reply to a question about why Guccifer 2.0 is sending documents directly to a journalist instead of waiting for Wikileaks to publish them, that “I don’t know when or if they gonna publish them.” According to Satter, “@raffiwriter argues @Guccifer _2’s handlers were impatient with @Wikileaks as summer wore on. My 8/22 convo with G2 seems to support that.”  

Satter is referencing an article in the New Yorker magazine by journalist Raffi Khatchadourian, which was reviewed extensively by RightSideNews in the article, Did Wikileaks Directly Receive Information from Guccifer 2.0? The New Yorker article lists three important interactions that display Guccifer 2.0 being impatient with Wikileaks, including:

1) On June 17th, the editor of the Smoking Gun asked Guccifer 2.0 if Assange would publish the same material it was then doling out. “I gave WikiLeaks the greater part of the files, but saved some for myself,” it replied. “Don’t worry everything you receive is exclusive.” The claim at that time was true.

2) In early July, Guccifer 2.0 told a Washington journalist that WikiLeaks was “playing for time.” An article by Joe Uchill from July 13 quotes Guccifer 2.0: “The press [is] gradually forget[ing] about me, [W]ikileaks is playing for time and [I] have some more docs.”)

3) On July 17, Assange “originally planned” to publish the files, but did not. Instead, Guccifer 2.0 leaked a batch of documents to Uchill on that very day.

4) On July 22nd, Wikileaks published the documents, and on that same day Guccifer 2.0 wrote, “At last!”

5) On August 22nd, exactly one month later, Guccifer 2.0 in his chat with the AP’s Raphael Satter expresses impatience with Wikileaks’ release of files.

According to Uchill’s July 22 article, “The [Wikileaks] site does not specifically address who leaked the documents, but hacker Guccifer 2.0 who recently breached the DNC servers confirmed via electronic message that the emails came from that hack.”

The implication of Guccifer 2.0 directly working together with Wikileaks is that Guccifer 2.0 had in his possession the documents that Wikileaks later leaked, which contradicts the narrative put forward on the Guccifer 2.0 research website,, that Guccifer 2.0 was not the source for Wikileaks. Raphael Satter is encouraged to release screenshots of his entire chat with Guccifer 2.0.

BREAKING: New Report Suggests DNC Hacker Was Collecting Opposition Research on Donald Trump

A newly discovered report from the firm that was hired by the DNC to investigate the DNC breach says that the hackers were looking for information that would hurt Donald Trump and other GOP candidates. The report says

“Based on the data exfiltrated from the DNC, one of FANCY BEAR’s goals appears to have been to collect opposition research the DNC’s research staff had gathered on President Elect (then Republican primary candidate) Donald Trump and other Republican (GOP) presidential candidates.” (page 11). 

According to the Crowdstrike, Fancy Bear is the alleged hacking entity that stole data from the DNC and leaked it to Wikileaks. Crowdstrike’s findings have been used by the DNC and the US Intelligence Community to claim that Russian was involved in the election to hurt Hillary Clinton and help Donald Trump. The newly revealed information appears to contradict that narrative by showing Fancy Bear was allegedly helping Clinton by hurting Trump and the GOP. 

According to Palo Alto Networks, a spear fishing attack on May 26, 2016 “to a U.S. government entity” was successful, while Crowdstrike says the virus was in the DNC system in April 2016. The attack was allegedly passed on to targets through infected RTF files. Crowdstrike appears to contradict the report of Palo Alto Networks on the timeline of when the DNC was breached.

Contact: [email protected]

Questions the DNC Don’t Want Asked on Guccifer 2.0 And Their Claim He Took Only Two Files

The Washington Post article, National Security Russian government hackers penetrated DNC, stole opposition research on Trump” from June 14, 2016, states that the hacking group known as Fancy Bear “broke into the network in late April and targeted the opposition research files. It was this breach that set off the alarm. The hackers stole two files, Henry said.” The article then states that “The DNC said that no financial, donor or personal information appears to have been accessed or taken, suggesting that the breach was traditional espionage, not the work of criminal hackers.” The article continues, quoting DNC lawyer Michael Sussman of the Perkins Coie firm: “But at this time, it appears that no financial information or sensitive employee, donor or voter information was accessed by the Russian attackers,” he said.

However, in the subsequent article the following day, June 15, entitled “Guccifer 2.0’ claims credit for DNC hack“, the Washington Post reports that Guccifer 2.0 posted to a website some of the allegedly stolen documents. They included a file titled “Donald Trump Report,” dated Dec. 19, 2015, and a list of what was purported to be million-dollar-plus donors to the Democratic Party.”

Questions the DNC must answer are, 1) Why did the DNC say that only two opposition research files were taken, and not donor information, when Guccifer 2.0 did indeed take both the opposition files and the donor files? 2) Why did Guccifer 2.0 release the opposition research files, when those files could prove to be harmful to Donald Trump, if he was indeed a hacker on a mission to elect Donald Trump? 3) Did the DNC collude with Guccifer 2.0 in directing him to release the opposition research files? 4) Why did Guccifer 2.0 continue to release opposition research files, when he later released an archive of Sarah Palin’s Twitter messages on July 14, and the first page of the Trump Foundation’s income tax form and the Trump financial report on October 18, if he had already proven that he had hacked the DNC? and 5) What specific part of the software Crowdstrike used to analyze the DNC server would show that only two files were taken, when presumably hackers were in the DNC system for weeks on end?

If the answer is that the DNC or Crowdstrike did not have full visibility into the scale of intrusions on their security infrastructure, is it a coincidence that the only files the DNC or Crowdstrike thought were missing at the time were the two opposition research files, which if released would be damaging only to Trump and not Clinton, and that Guccifer the next day did indeed release those two opposition research files that are harmful to Trump but not Clinton? Those two files were entitled “Donald Trump Report” and “2016 GOP presidential candidates” in the releases. Are these opposition files that Guccifer 2.0 released the same ones that the DNC is referring to, or was Guccifer 2.0 holding on to even more harmful information, and released the Trump report and GOP report to deflect from it? All of the information from the Trump report comes from public sources. On the other hand, why would Guccifer 2.0 release the opposition research if he was supposed to be helping Donald Trump, if he could prove that he has hacked the DNC by sharing any of the 38 other files he subsequently leaked in later months?  

Contact Steve Cunningham at [email protected]

Did Wikileaks directly receive information from Guccifer 2.0?

Regarding the DNC’s secrets being spilled in the last election, the question is, as the American Thinker’s Mike Razar has put it, whether Wikileaks “received the information from the Russian government or from some non-Russian hacker source or even an inside leak rather than a hacker.” The question has become, did Guccifer 2.0 directly leak information to Wikileaks?

In order to assess this, we need to look at all of the facts. A recent front cover article of the New Yorker magazine, entitled Julian Assange, a Man Without a Country, reveals some previously unknown, unreported or unpublished interactions of Guccifer 2.0 with others, and other new information that does not even appear on the timeline of Guccifer 2.0 interactions on the “Guccifer 2.0: Game Over” website. One set of information, as extracted from the aforementioned New Yorker article, relates to how Guccifer 2.0 apparently knew that Wikileaks is delayed in releasing the files that Guccifer 2.0 allegedly sent them, and that this knowledge shows that Guccifer 2.0 is supplying Wikileaks with information, or simply colluding with Wikileaks.

There are three examples of such interactions as described in the New Yorker article, in the author Raffi Khatchadourian‘s own words (and arranged chronologically, with boldface added):

1) On June 17th, the editor of the Smoking Gun asked Guccifer 2.0 if Assange would publish the same material it was then doling out. “I gave WikiLeaks the greater part of the files, but saved some for myself,” it replied. “Don’t worry everything you receive is exclusive.” The claim at that time was true.

2) In early July, for example, Guccifer 2.0 told a Washington journalist that WikiLeaks was “playing for time.” (Indeed, the article by Joe Uchill from July 13 contains these sentences from electronic chats: “The press [is] gradually forget[ing] about me, [W]ikileaks is playing for time and [I] have some more docs.”)

3) According to Uchill’s July 22 article, The [Wikileaks] site does not specifically address who leaked the documents, but hacker Guccifer 2.0 who recently breached the DNC servers confirmed via electronic message that the emails came from that hack. “At last!” he wrote. 

Also, Khatchadourian notes other interactions that have not been documented by others so far, including his apparent attempt at interaction in mid-August 2016 with Emma Best, a journalist and a specialist in archival research who, according to her Twitter handle, is suing the FBI for 2.1 million documents. Khatchadourian seems to think that Guccifer 2.0 was considering sending his documents to Khatchadourian instead of Wikileaks in this time period. However, why would Guccifer 2.0 have written “at last!” on July 22nd to Uchill, and seemed to be happy with Wikileaks’ progress in releasing documents, but then attempted to find a different entity or individual to release the documents only a few weeks later in mid-August? It would make more sense if, between June 17 and July 22nd, the dates of the first and third aforementioned interactions, Guccifer 2.0 would have expressed a desire to send the DNC documents elsewhere. Regardless, Emma Best later commented on Twitter regarding the article, stating that “This is accurate.”

The question for American Thinker readers, researchers and the community ought to be, do you agree with the New Yorker article when it claims that Guccifer 2.0 knew that Wikileaks is delayed in releasing the files in July 2016, as per the New Yorker article, the editor of the Smoking Gun and the Uchill articles from July 13 and July 22nd? It would be helpful if full transcripts of interactions with Guccifer 2.0 would be released by these entities for publication and analysis.

Researcher Verifies Robbin Young’s Guccifer 2.0 Chats

Hannibal Moot has verified Robbin Young’s chats with Guccifer 2.0, responding to her newly released photos and concluding that “It is safe to say, problems in older versions of Twitter’s software could have contributed to the anomalies with the icons.” Moot went further and validated the argument that a glitch in the software is likely to blame, stating: “Am I being overly particular? Possibly. It is likely a software glitch. The new shot looks legitimate.”

Guccifer 2.0’s told Robbin Young that murdered DNC staffer Seth Rich was his whistleblower, stating to her that “his name is Seth, he was my whistleblower” in the Twitter Direct Messages that she has released.

The editor of BullTruth Magazine, Hannibal Moot, had in the past taken exception to these anomalously misplaced signs when Robbin Young originally released her chats, pointing to how the “block and garbage symbols” were in the wrong spot. Moot had previously acknowledged the argument that the software Young used to release the chat may be to blame, stating “The software itself is what I would consider to be the strongest argument.” However, he has only recently concluded that the problems with the image are with a software glitch. 

Robbin Young had released a full set of photos of each of her chats with Guccifer 2.0, and Moot was responding to the new photos. The chats will help investigators and perhaps the House and Senate Intelligence Committees in assessing Guccifer 2.0, and perhaps lead to a more formal investigation of the alleged Seth Rich connection. 

Contact Steve Cunningham at [email protected]

Guccifer 2.0’s Darling Robbin Young Continues to Disclose Images of Chats

Robbin Young’s Chat With Guccifer 2.0

Robbin Young has created a new blog and published a new image of her chat with Guccifer 2.0, as released in a recent tweet. While only one new image of her already released chats was just now released, the image adds to the uncropped image that was released on Twitter in May. The images are again an improvement from the chats originally released in early 2017, in that certain anomalies are not present.

The editor of BullTruth Magazine, Hannibal Moot, had taken exception to these anomalously misplaced signs when Robbin Young originally released her chats, pointing to how the “block and garbage symbols” were in the wrong spot. Moot however has acknowledged the argument that the software Young used to release the chat may be to blame, stating “The software itself is what I would consider to be the strongest argument.”

The new image released in June 2017, with a higher resolution than the image released via Twitter in May 2017, contains the date and time that the image was taken (May 29, 2017 at 8:35am). The new image also shows what Operating System was used when taking the screenshot (Windows). In the background, below the Direct Messages, Guccifer 2.0’s second last tweet is visible, which means this screenshot was indeed made after January 12, 2017, the date of Guccifer 2.0 final tweet, which would appear behind the Direct Message screen if it were closed. On the top right corner, Robbin Young’s image is visible, indicating she is logged into her account when accessing these chats.

It would be a beneficial for Young if she published a series of screenshots of her entire chat in chronological order, for the record, and if she invited a journalist or reporter to witness her accessing her chats. The question of why the originally released chat messages contained oddly placed “block and garbage characters” identical to the ones occurring in the Aaron Nevins chat could then finally be made mute.

Guccifer 2.0’s told Robbin Young that murdered DNC staffer Seth Rich was his whistleblower, stating to her that “his name is Seth, he was my whistleblower” in the Twitter Direct Messages that she has released, as reported by Right Side News.




Wikileaks: Robbin Young Releases Uncropped Images of Her Guccifer 2.0 Chat; Adds Credibility to Guccifer 2.0’s “Seth Rich Was My Whistleblower” Claim

On May 29, Robbin Young released two uncropped images of her chat with Guccifer 2.0, including her first messages with him on August 15 and her discussion with him about Seth Rich on August 25th, 2016. The versions she released are identical to the original version of the chat she released earlier in the year, available on her website, except for some visual differences.

The main visual difference between the messages is that the original message that Robbin Young posted from August 25, where Guccifer 2.0 says “His name is Seth, he was my whistleblower”, had an oddly placed block and garbage symbol, while the recently released version has no such sign. The editor of BullTruth Magazine, Hannibal Moot, had taken exception to these misplaced signs when Robbin Young originally released her chats, pointing to how the “block and garbage symbols” were in the wrong spot. However, Moot has since revised his claims, as Robbin Young had Tweeted out these uncropped screenshots of her chat with Guccifer 2.0. Hoot then explains a theory that the anomalies may be as a result of the software Robbin Young was using to record her chats. He states that “The software itself is what I would consider to be the strongest argument.”

Robbin Young’s recent releases of uncropped images of her chat add to the veracity and authenticity of her claim to have chatted with him, although the most decisive approach would be for her to invite a reporter or journalist to watch her accessing her chats. This approach will prevent the Washington Post from calling Young’s chats “unverified” in one article, and “possibly altered” in another article. Salon referred to it as a “purported direct message conversation.” Even Fox News, in their only televised reference to Robbin Young, stated, “although it’s not clear if the messages are in fact authentic.”  

The content of Robbin Young’s messages can be more greatly explored in the future, including Guccifer 2.0 reference to Seth Rich as his whistleblower. There will also potentially be implications for the Russian hacking narrative. 

Contact Steve Cunningham at [email protected]

Roger Stone Did Not Know Guccifer 2 Was Male

Robbin Young, a Bond Girl according to her biography, has shared the romantic twitter direct messages she had been having with Guccifer 2.0, the infamous individual that leaked DNC documents during the 2016 Presidential election. However, Twitter has been ablaze recently with critics of Roger Stone pointing out to his supposed use of the term “Her” in describing Guccifer 2.0, which supposedly means that Stone knows who Guccifer 2.0 is. However, Guccifer 2.0 replied to a romantic poem that Young sent him by saying, “it made me hard.”

Therefore, Guccifer 2.0 is either a man, a transgendered man, or a woman with an elaborate desire to come across as a lovestruck man. If Stone did refer to Guccifer 2.0 as a woman, he must not know her in the same deep way that Robbin Young does, as Young refers to her “friendship” with Guccifer 2.0, a man she “respects and admires.”

The recently released Twitter exchange between Guccifer 2.0 and Robbin Young also shows his use of language, which may provide clues as to his origins. The exchange has been uploaded to Twitter in over 14 minutes of footage, with Guccifer replying to Young between August 15 and August 30, 2016. Guccifer 2.0 also refers to a story about a “whistleblower friend of of mine and my assistant,” but it is unclear to whom he is talking about. He also claims that Julian Assange may be connected to the Russians, and that he doesn’t trust him because of that. Guccifer 2.0 also makes reference to Seth Rich, “my whistleblower“, who was of murdered in July of that year. 

Contact Steve at [email protected]

Evidence Suggests Guccifer 2.0 is a DNC Operative

Rep. Adam Schiff stated on March 20 to the House Intelligence Committee that Guccifer 2.0 was an “intermediary” used by Russian intelligence service to leak hacked information from the DNC. However, according to Adam Carter, a Twitter user and an individual investigating Guccifer 2.0, information has been uncovered that shows a DNC Staffer edited Guccifer 2.0 released files only 30 minutes before they were released, and that Russian fingerprints were intentionally added to the releases. 

According to Carter’s website, Guccifer 2.0: Game Over,  “Metadata suggests it took only 30 minutes to go from a DNC tech/data strategy consultant creating documents to Guccifer2.0 tainting them – all occurring on a date that Guccifer2.0 claimed to be after he was locked out of the DNC Network – occurring on the same day that Guccifer2.0 emerged. Furthermore, “Data found deeper in files now also demonstrates there was a misdirection effort, that, in it’s larger scope – seems to have been intended to discredit leaks by having leaks blamed on Russian hackers.”

Specifically, four files from the June 15 release were created by DNC Staffer Warren Flood approximately 30 minutes before being modified by Guccifer, including 2.doc, which was created at 1:38pm and modified by “Феликс Эдмундович” at 2:11, 3.doc, created at 1:38pm and modified at 2:12pm, and 5.doc, created and modified at the same time, 2:13pm! This could suggest they were created and modified by Warren Flood or his computer at the same time they were being edited with a new Russian “modified by” name added to it. 

Furthermore, Carter alleges that Guccifer 2.0 engaged in “misdirection” by making it appear he was Russian, when he was not, by naming his computer account after the founder of the Soviet Secret Police. Guccifer 2.0 also created/opened and then saved documents so the Russian name was written to metadata, used a Russian VPN service to cloak his IP address and used public web-based email services that would forward his cloaked IP. He then contacted various media outlets using all of this, so that any simpleton will think he is a Russian, although outwardly denying he is a Russian.

The real reason for all of this, according to Carter, is that the DNC was desperate to portray information that was sent to Wikileaks as a Russian hack in order to cast doubt on the authenticity of the documents and to make the conversation about Russian meddling in the election. Carter says that “The campaign was in a desperate position and really needed something similar to a Russian hacker narrative and one where they would be fortunate to have a seemingly clumsy hacker that leaves lots of ‘fingerprints’ tainting files and bringing the reputation of leaks iinto question… Sure enough, 2-3 days later, Guccifer2.0 – the world’s weirdest hacker – was spawned and started telling lies in an effort to attribute himself to the malware discoveries, etc.”

Guccifer 2.0 Appears To Be One Person

At the Hearing of the U.S. Senate Select Committee on Intelligence on March 30, Thomas Rid, Professor Department of War Studies, King’s College London, made the following statement:

  • “Guccifer 2 is certainly not just one individual because in private interaction with journalists we can literally see different types of humans at play. Some use consistently at a specific time lots of smilies and very informal, and there’s more a formal, all communicating through the same channels.”

Therefore, I attempted to fine examples of these “lots of smilies and very informal” communications, and the formal communications, in order to prove or disprove this theory. 

Some examples of these “very informal” private twitter messages is his chat with the BBC in October 2016, where he uses smileys on October 18 and the term “u” instead of “you” on October 7th and October 18; his chat with on July 21, where he uses the term “u” 10 different times, while explaining the high-tech way in which he hacked the DNC, when he used a “0-day exploit of NGP VAN soft then I installed shell-code into the DNC server” (is this considered an informal or formal chat?); and his chat with former Playboy model Robbin Young between August 15 and August 30th, where he uses a multitude of smilies to express his affection for her, while at the same time, stating “ur soul’s so pure and unspoiled – it beckons me“, using a formal word like “beckons” in a sentence that also has an informal “u”. He also claimed to her on August 25 that murdered DNC Staffer Seth Rich was his whistleblower, implying that his data was obtained by a DNC leak, in direct contradiction of his aforementioned July 21st claim to that he was a hacker that broke into the DNC server. Therefore, Guccifer 2.0 also contradicts himself even when he is in this “very informal” state of smilies and using the word “u”.

An arguable example of formal private twitter messages includes his chat with Roger Stone between August 15 and September 9, where he uses the term “u” with him 5 times on August 17th, but on September 9th, writes the intelligent statement, that “the basic premise of winning an election is turnout your base (marked turnout) and target the marginal folks with persuadable advertising (marked persuadable),” in explaining the documents he is releasing. However, because in the past the “informal” version of Guccifer 2.0 has shown he can be both informal and formal, it is possible that this statement was written by the same person sending the informal messages. We can see that Guccifer 2.0 is an intelligent individual capable of both informal and formal chats, of limitless use of the word “u” and smilies when chatting with allies, while capable of making intelligent statements to explain the utility of the documents he is releasing.  

Would the CIA frame Russia in DNC attack, yet wiretap Trump Tower?

The recent Wikileaks contains hacking tools for the CIA that are used to “avoid fingerprints implicating the CIA and the US government” in its hacking. Indeed, according to Wikileaks’ analysis, the UMBRAGE and these related projects can “misdirect attribution by leaving behind the “fingerprints” of the groups that the attack techniques were stolen from.” Since the security company Crowdstrike, funded by the DNC, has identified “two separate Russian intelligence-affiliated adversaries present in the DNC network in May 2016,” by the name of COZY BEAR and FANCY BEAR, and the Obama-led intelligence community (or “band of leakers”) “confirmed” this in their report in the dying days of their administration, many have thought it was Russia behind the DNC attack. Since we can assume, based on the recent wikileak, that the CIA can replicate a Cozy Bear and fancy Bear attack, the question we ought to ask is, would the CIA frame Russia and hack the DNC?

Certainly, the case can be made that the CIA, at least outwardly, has been Pro-Obama and Anti-Trump. Take into account the many leaks from the Trump administration, to which President Trump tweeted on Feb. 14, asking, “The real story here is why are there so many illegal leaks coming out of Washington? President Trump went further and claimed that the CIA obtained the leak-worthy information through illegal monitoring, when he tweeted on Mar. 4 that he “just found out that Obama had my “wires tapped” in Trump Tower just before the victory.” Mr. Trump also said in a Fox News interview, regarding the leaks, that “I think that President Obama’s behind it because his people are certainly behind it.” The question remains, how can the CIA be so obviously against Trump, yet potentially have helped him so much with the DNC leaks?

The answer is that there could be rogue Pro-Trump individuals within the CIA agency doing the hacking behind the back of their Pro-Obama superiors. That would be the only way to explain the discrepancy, if it is true that the CIA framed Russia in the DNC attack. According to the Wikileaks trove of CIA files, these cover-up tools are contained in the documents entitled Development Tradecract Dos and Don’ts, use of encryption to hide CIA hacker and malware communicationdescribing targets & exfiltrated data as well as executing payloads and persisting in the target’s machines over time. Since the CIA has this cover-up capability, does Russia have it too?

According to John McAfee, the internationally-renowned information security pioneer and founder of global computer security software company McAfee, “Any hacker capable of breaking into something is extraordinarily capable of hiding their tracks. If I was the Chinese and I wanted to make it look like the Russians did it, I would use Russian language within the code, I would use Russian techniques of breaking into organizations. (…) He continued, “If it looks like the Russians did it, than I can guarantee you, it was not the Russians.”  The question is, why would Russia leave its fingerprints in the hacking job, if it was them, since they could have deleted those tracks?

Either the Russians wanted everyone to know it was them when they hacked the DNC, or it wasn’t them at all. It could also have been another country or group that replicated Russia’s fingerprints, including rogue individuals in the CIA, or it really could have been a Romanian hacker utilizing Russian hacking tools, as Guccifer 2.0 has claimed he is Romanian all along.

More needs to be done to find if there any Pro-Trump elements in the intelligence community in the run up to the 2016 Presidential Election, if Russia has in the past covered its tracks when it uses established hacking tools, and how easy it is for another country or group to replicate a Fancy Bear or Cozy Bear attack.

“We cannot connect dots to Guccifer 2.0” Senate Intel Hearing Cyber Analyst Says

Kevin Mandia, chief executive officer of FireEye Inc., listens during a Senate Intelligence Committee hearing in Washington, D.C., U.S., on Thursday, March 30, 2017. Leaders of the committee promised a thorough and impartial investigation into Russian meddling in the U.S. presidential election at the hearing, held as a House probe remained mired in partisan disputes. Photographer: Andrew Harrer/Bloomberg

There is No Evidence to Connect Russia to Guccifer 2.0 – Senate Intel Hearing Cyber Analyst Says

At the Senate Intelligence Committee hearing on March 30, during testimony from experts, Kevin Mandia, Chief Executive Officer of the security technology company FireEye, said the following in response to Senator Lankford asking if there is any connection between Guccifer 2 and the alleged Russian breach of the DNC server: “We cannot connect all the dots from the breach, at least with the observables available to my company and our investigators. We can’t go from breach, and leaked data, to suddenly Guccifer 2.0, we just don’t have the means to do that.” 

The Intelligence Committee has been holding hearings over the past few weeks regarding alleged Russian interference in the election. However, new information has surfaced that the Committee hasn’t reviewed yet, including In the last few days, which was released by Wikileaks regarding Guccifer 2.0, with the tweet, “Direct Messages from U.S. alleged Russian spy @GUCCIFER_2 to actress-model @robbin_young (according to the latter).” 

The Wikileaks direct messages release have echoed in social media, with news sites pointing to Guccifer 2.0 claiming Seth Rich was his whistleblower, which is in contradiction to his previous claims of hacking the DNC directly. Guccifer 2.0 states that “His name is Seth, he is my whistleblower” and that “I’d like to find a journalist who can do an investigation and teel [sic] the real story of his life and death.” The new articles have generated thousands of views and shares on the matter. 


Guccifer 2.0 claimed to Robbin Young that murdered DNC staff Seth Rich “was my whistleblower”

On April 11, Robbin Young tweeted how the FBI left a letter at her home requesting/demanding an interview. Young has found a lawyer and on April 12 private Twitter messages between her and Guccifer 2.0, where Guccifer 2.0 claimed that “Seth [Rich] was my whistleblower,” which would only make sense in the context of Rich being a DNC leaker sending information to Guccifer 2.0. However, Guccifer 2.0 has always claimed publicly that he obtained his information by hacking the DNC.

Seth Rich was murdered in front of his home in 2016. Speculation has been rife ever since then that he knew too much about something, and that he was assassinated.

Does the FBI’s immediate response to Robbin Young mean they are taking the Seth Rich information seriously? Or are they trying to pry more information about Guccifer 2.0 out of Robbin Young? As Robbin Young has said that she has received death threats as of late, is the FBI truly offering to protect her, or do they want to intimidate her from disputing the FBI’s narrative regarding Guccifer 2.0 being a hacker, being an entity that is represented by multiple people instead of one, and being a Russian? Young believes that Guccifer 2.0 is Romanian as he claims, is one individual and not many, and that Seth Rich was his leaker at the DNC.

Given the FBI’s interest in Robbin Young, the Republican members of the House and Senate Intelligence Committees may be interested in calling her to testify before the hearings that the House and Senate have been convening over the past few weeks on the alleged hacking during the election. They may also direct the FBI to disclose their specific interest in Robbin Young, and to conduct a thorough investigation of the Seth Rich leaker claim and any other leakers at the DNC, including an investigation into Seth Rich’s murder and any ties to the DNC.

The FBI may be engaged in a more thorough analysis of Guccifer 2.0’s conduct, including a language analysis that encompasses the new text disclosed by Robbin Young, and the apparent attempt at misattributing his origins as being Russian when he intentionally added Russian metadata to his releases, such as adding Felix Dzerzhinsky as the modifying author, changing the native language of the document to Russian, and using a Russian language template. There were no other textual differences between Guccifer 2.0’s release of documents and Wikileaks release of those same documents, although Wikileaks documents were dated later than Guccifer 2.0’s, and Guccifer 2.0’s contained the name of Warren Flood as the creating author while Wikileaks’ contained the original author. Warren Flood’s job description at his firm is “helping campaigns, organizations, and companies implement winning strategies using data, analytics, and technology,” while Seth Rich was “voter expansion data director” at the DNC. It is unclear if they worked side-by-side.

Contact Steve Cunningham at [email protected]