Mueller Indicts 12 Russian Intelligence Officers, Including 'Guccifer 2.0,' For Hacking Democrats

The Department of Justice has indicted 12 Russian intelligence officers for hacking Hillary Clinton’s campaign as well as the Democratic National Committee and the DCCC.

As Motherboard previously reported, Guccifer 2.0, the “lone Romanian hacker” who released sensitive documents hacked from the DNC, was not one person but a series of Russian hackers. According to the indictment, Guccifer 2.0 and a website that released documents called DCLeaks operated in part under a Russian hacking team known as “Unit 74455.”

“All twelve defendants are members of GRU, a Russian federation intelligence agency within the Main Intelligence Directorate of the Russian Military,” read a press release from the Department of Justice.

Much of the information reported in the indictment—aside from the names of the Russians themselves—had been previously reported by journalists or sussed out by security researchers. So it’s no surprise that the DNC hack, or the spearphishing that allowed hackers to infiltrate the email account of Clinton campaign chair John Podesta, was done by Russians.

“The object of the conspiracy was to hack the computers of US persons and entities involved in the 2016 US presidential election, steal documents from those computers, and stage releases of the stolen documents to interfere with the 2016 US presidential election,” the indictment said.

The indictment is worth a read—according to the DOJ, the Russian campaigns involved mined Bitcoin in order to fund their hacking operations, used a combination of spearphishing and man-in-the-middle attacks using malware known as X-Agent (which is known Fancy Bear malware) to exfiltrate data from the three organizations, and then used social media and leaked documents to friendly reporters to get coverage.

“The defendants used two techniques to steal information. First, they use a scheme known as spearphishing, which involves sending misleading email messages and tricking the users into disclosing their passwords and security information,” Deputy Attorney General Rod Rosenstein said. “Second, the defendants hacked into computer networks and installed malicious software. Allow them to spy on users and capture keystrokes, take screenshots and exfiltrate…data from those computers.”

The news comes ahead of President Trump’s planned meeting with Russian President Vladimir Putin. The two leaders are set to meet in Helsinki on Monday. “I briefed President Trump on these allegations earlier this week,” Rosenstein said. “The president is fully aware.”