2016-2020: the US and Russian hackers

Is Putin interfering in American democracy?

Investigation of Bombus

“Bombus” publishes an analytical review of one of the world’s main topic – “Russian interference” in the US elections. In America the politicisation of this issue is extremely high – the reputation of the authorities depends on it. Readers in Russia, in general, do not care – if there was interference, it is good that we have such hackers, and if not, then again the slander is done in vain. Both options fit into the patriotic discourse. That is the key to our objectivity. We have no reason to be biased and come up with a specific answer. We’re just curious ourselves – was there Russian interference in the 2016 US election or not?

What are ‘Bombus clarity tablets’?

In today’s information world enemies expressively assert opposing things. It is impossible for society to understand who is right – the number of reports and ‘facts’ from different sides is too immense. The main purpose of our ‘clarity tablets’ is to sweep away obvious speculation and to compartmentalise what can be analysed. Society should be able to think, not just believe or not believe manipulators from different sides.

Introduction: The Russians are back in fashion

According to an “Ipsos” exit poll commissioned by ABC News, 51% of Americans support US President Donald Trump’s impeachment. The reason for the US president’s removal from power was Trump’s talks with Vladimir Zelensky about the possible corruption of Democrat Joe Biden during his work in Ukraine.

The House Intelligence Committee received a complaint dated August 12th 2019 from a certain intelligence agent who wrote that “more than six sources” had received information that “the President of the United States is using his administration’s staff to demand interference by a foreign power in the 2020 presidential election.”

It was about pressure on Ukraine “to open an investigation against one of the president’s main political opponents in the United States”, i.e., Biden.

But the main enemy remains Vladimir Putin, who, according to Republican congressmen, wants to pit Americans against each other again (like in the 2016 election), so that “the world, which should focus on Putin’s illegal annexation of Crimea and the ongoing aggression in other parts of Ukraine”, has its eyes on the party showdown in the United States. So again the case of “Russian hackers” in the previous presidential elections became relevant. The logic of American politicians is that since Putin interfered back then, it means that now it is his machinations. Senator Amy Klobuchar, for example, remembered that “Putin is the guy who shot down planes flying over Ukraine”, and he was also “poisoning his enemies”, and so he invaded “the heart of the US election”. The degree of heat of the “Russian theme” in the American political debate exceeded even the level that took place at the height of the Cold War and entered the political history of America as “reds under the beds”.

Conclusion: “Russian interference” in the 2016 US election is still a topical theme in America and will remain so in the 2020 election.

Criminal event

In this article we will deal with only one, but the loudest, case of possible interference in US elections – the hacking of the email of the governing body of the Democratic Party of the United States, its National Committee (DNC).

In the spring of 2016, during the preliminary election (primaries) of the Democratic Party, its National Committee suddenly announced that its information systems had been hacked by someone.

The private company involved in the investigation, “CrowdStrike”, concluded that the Russian intelligence-related groups of hackers “Cozy Bear” and “Fancy Bear” were involved in the breach and collected dirt against Donald Trump’s competitors.

Then someone under the name “Guccifer 2.0” on an Internet blog took responsibility for breaching the DNC information system and promised to publish the obtained dirt on the “WikiLeaks” website, which was soon done.

Trump said that the Democratic Party had hacked itself “in order to divert attention away from other problems.”

But the fact of the breach is obvious and no one denies it.

Conclusion: The hack really happened, and it had serious consequences.

Key source

The first thing to pay attention to is the investigating company “Crowdstrike” and its reputation.

On December 22nd 2016 the “CrowdStrike” website published a sensational report in the style of American 1980s fighters from “Rambo 3” or “Red Heat”. It said that Ukraine lost up to 80% of its howitzers during the fighting in Donbass due to computer hacking. It was alleged that Russian hackers associated with the GRU had infiltrated the GPS data of Ukrainian gunners’ tablets from which howitzers were controlled and destroyed them.

The head of “CrowdStrike”, Russian emigrant Dmitry Alperovich, said that Ukrainian gunners were targeted by “Fancy Bear” – the same hackers who hacked the Democratic National Committee (DNC).

In an interview with the Democrat-linked “Washington Post”, he said: “The fact that they [these hackers] would be tracking and helping the Russian military kill Ukrainian army personnel in eastern Ukraine and also intervening in the U.S. election is quite chilling.”

These findings were confirmed by “CrowdStrike” representatives in Internet correspondence with “Voice of America”: “It is indisputable that the app has been hacked with Fancy Bear malware”. DNC interim chairman Donna Brazile tweeted: “Cybersecurity firm finds a link between DNC hack and Ukrainian artillery”. I.e., Trump’s opponents confirmed the findings of “CrowdStrike” concerning howitzers just as much as concerning election meddling.

But there was an awkward situation. In December 2016 the creator of the same application for Ukrainian artillery Yaroslav Sherstyuk said that the report of “CrowdStrike” was “delusional”, and the technical adviser of the Ukrainian Armed Forces (UAF) Pavel Narozhny said that units of the UAF that used the application never reported anything about losses of howitzers at all.

“CrowdStrike” tried to get out of this situation, reporting that it was not their data, but information from the London think tank of the International Institute for Strategic Studies (IISS), which they merely quoted. With this excuse, they provoked the next wave of ridicule. The matter is that in the “CrowdStrike” report there isn’t at all a link to IISS, but to an article on “The Saker” website that is the material of the known Russian blogger Colonel Cassad (Boris Rozhin) from LiveJournal translation into English. And it is precisely Rozhin who gives data about the loss of half of Ukrainian military equipment from 2013 to 2016 (in 2013 the fighting had not yet taken place) with reference to a pirate torrent repository from “rutracker.org”, where the results of the IISS study were allegedly uploaded. Naturally, IISS representatives themselves stated on VOA’s pages that their data had nothing to do with the “CrowdStrike” report and had been used erroneously.

It would seem that after such a scandal it is necessary to apologise at least publicly. But in March 2017 “CrowdStrike” simply cleans up the December report, removing the data published by the blogger Rozhin, and the management of the company, represented by Alperovich and Shawn Henry, refuse to testify about Russian hackers in the Intelligence Committee of the House of Representatives of the United States Congress. In addition, they also refused to comment to the “Daily Mail”. But they were given a comment by cybersecurity expert Jeffrey Carr.

“They just found what they wanted to find…they didn’t stop for a moment to question it,” said Carr. “This is like an elementary school-level analysis.”

Journalists of “The Baffler” laughed openly at this “elementary school”.

“It’s not like it’s a club and everyone has a membership card that says Fancy Bear on it. It’s just a made-up name for a group of attacks and techniques and technical indicators associated with these attacks,” said the cybersecurity expert Jeffrey Carr to the publication, expressing doubt that hacker groups such as “Fancy Bear” and “Cozy Bear” exist at all.

Conclusion: Key hacking investigator “CrowdStrike” is a discredited source prone to data fraud.

Felix Edmundovich and Cyrillic

Former (until 2017) Director of National Intelligence of the United States (DNI) James Clapper (at one time he lobbied for the invasion of Iraq on the basis of false data about the presence of weapons of mass destruction there), while still in his position, stated that there was deeper evidence of a Russian trace than the data of “Crowdstrike”. But he said it was classified.

However, former FBI Director James Comey, who led the investigation in 2017, confirmed that the DNC did not hand over FBI servers, and the only Democrat-hired “CrowdStrike” had access to them. So there may probably be no other data.

What are the objective data cited by “CrowdStrike”?

Proof of the Russian trace in the case of the breach of the Democrat servers, according to “CrowdStrike”, is the use of a Cyrillic keyboard in the software code of the malware and the location of the hackers’ servers in the Moscow time zone.

But even if this data is correct, it does not point directly to Russia. There are several other countries with Russian-speaking populations in this time zone.

The proof that the former GCHQ analyst and founder of “Capital Alpha Security” Matt Tate spoke about on his blog also looks artistic in the spirit of this same “Rambo”. Allegedly, one of the word documents stolen from the DNC and published by “Guccifer 2.0” was edited by a certain “Felix Edmundovich.” The subsequent logic is clear: Dzerzhinsky – security services – Russia.

Something interesting about the issue surfaced recently in the trial of former Trump adviser Roger Stone, who was arrested in January 2019. He is accused of putting pressure on witnesses, obstructing justice, and making false statements. On November 15th the court found him guilty of making false statements to the House Intelligence Committee to “hide the unsightly truth” about his communication with the WikiLeaks website. There, he allegedly intended to get compromising information about the Democrats in order to help Donald Trump on his campaign trail. Stone’s lawyers filed a motion to provide them with a full “CrowdStrike” report since Stone could only be guilty of what he was charged with if the fact of hacking by Russian hackers and collusion with them by Trump’s team is proven. The court’s response surprised. It turns out that the “CrowdStrike” reports handed over to the FBI were drafts, and the completed final report does not exist at all.

READ:  The Limits of US' Retreat

Conclusion: The evidence submitted during the investigation concerning hackers has Cyrillic in the code and is in the Moscow time zone.

Espionage passion

In December 2016 the office of James Clapper, the same Director of the United States National Intelligence Service (DNI), reported that he was not so confident in Russian interference in the election, despite the allegations made by the Central Intelligence Agency.

In 2017 the operative part of the CIA report on this topic was declassified and published, excerpts from which we can read:

“In trying to influence the US election, we assess the Kremlin sought to advance its longstanding desire to undermine the US-led liberal democratic order, the promotion of which Putin and other senior Russian leaders view as a threat to Russia and Putin’s regime.

Putin most likely wanted to discredit Secretary Clinton because he has publicly blamed her since 2011 for inciting mass protests against his regime in late 2011 and early 2012, and because he holds a grudge for comments he almost certainly saw as disparaging him.

We assess with high confidence that the GRU used the Guccifer 2.0 persona, DCLeaks.com, and WikiLeaks to release US victim data obtained in cyber operations publicly and in exclusives to media outlets.”

The Kremlin’s principal international propaganda outlet RT (formerly Russia Today) has actively collaborated with WikiLeaks <…> RT routinely gives Assange sympathetic coverage and provides him a platform to denounce the United States <…> RT’s coverage of Secretary Clinton throughout the US presidential campaign was consistently negative and focused on her leaked e-mails and accused her of corruption, poor physical and mental health, and ties to Islamic extremism.

Putin’s chief propagandist Dmitriy Kiselev used his flagship weekly newsmagazine program this fall to cast President-elect Trump as an outsider victimised by a corrupt political establishment and faulty democratic election process that aimed to prevent his election because of his desire to work with Moscow <…> Pro-Kremlin proxy Vladimir Zhirinovskiy, leader of the nationalist Liberal Democratic Party of Russia, proclaimed just before the election that if President-elect Trump won Russia would ‘drink champagne’ in anticipation of being able to advance its positions on Syria and Ukraine.”

Overall, the report claims that Russia used: 1) hacking, 2) disclosure of leaks, and 3) propaganda. But basically the report discusses the dangers of RT TV, while using open sources and assessment judgments. As for hacker attacks, the report refers only to the hacking of the Democrat’s server and the attack on the computers of election commissions, which, as is specifically noted in the report, did not affect the election in any way – these computers did not participate in the counting. I.e., if we throw aside the questions of media and free speech, and talk about real hacking or espionage interference, not just expressing opinions in TV or online – there remains only the hacking of the Democrat’s server.

But the report does not provide any technical evidence in this regard. Only the following publicly available argument has a certain logic: “The main propaganda tool of the Kremlin, RT, actively cooperates WikiLeaks.” This is true. Julian Assange did take part in a broadcast on RT. However, this argument is weak: WikiLeaks cooperated no less, if not more, with leading Western media outlets that were the first to be provided with leaked data. And if he had been offered a broadcast on Western TV channels, Assange probably wouldn’t have refused. WikiLeaks’ past and Julian Assange’s biography makes it highly questionable that the organisation works for Russian or any other intelligence agencies. At least there are no facts that indicate this.

The CIA report in general is written in a colourful journalistic way, and not in a cold analytical way: “The Kremlin’s long-standing plan”; “Putin harboured a grudge”; “Pro-Kremlin agent Zhirinovsky”, who “will drink champagne”; etc. This reduces trust in it – usually, the more colourful the rhetoric, the fewer the facts. At least nothing new could be found in the declassified operative part.

Trump’s team treated the report, of course, critically: they also remembered Powell and Hussein’s weapons of mass destruction, which were not found. And the fact that there could be a lot of people wishing to hack DNC email, from China to “some guys from New Jersey”.

Special Counsel Mueller, in his report, which, by the way, was also largely based on the analysis of “Crowdstrike”, largely denied the CIA’s findings. Although he agreed that Russian election interference took place, he found no evidence of Trump’s collusion with Moscow. I.e., under the laws of jurisprudence, as a result of Mueller’s investigation the CIA report cannot be found to be entirely true, and is in general untrustworthy – how to distinguish what is true and what is not if he is partially wrong?

US Justice Secretary William Barr, who is now accused of pressuring Ukraine as a part of Trump’s impeachment, examined Mueller’s report and concluded in March 2019 that there was no evidence of collusion between the incumbent president’s team and the Kremlin. Not only that, but in July 2019 Mueller discovered instances of media support for Hillary Clinton from Russia.

Conclusion: the CIA claims that the server was hacked by Guccifer 2.0 at the GRU’s order, but provides no evidence.

Ukrainian hackers

Most recently, in early November 2019, the US Department of Justice published about 500 pages of documents included in the Mueller investigation. They include, for example, conversations between FBI agents and former Trump campaign chairman Paul Manafort and other people close to Trump. After studying this entire array, Reuters and Buzzfeed journalists found that in 2016 Manafort considered the hacking of DNC servers to be a matter not of Russian hackers, but… Ukrainian ones. His business partner Konstantine Kilimnik and former Trump National Security Adviser General Michael Flynn said the same.

Are there objective grounds to talk about a Ukrainian trace?

The story started in September of this year, when Donald Trump’s transcript of a conversation with Vladimir Zelensky revealed that Trump had called on the President of Ukraine to deal with the “CrowdStrike” company, allegedly associated with some of Ukrainian oligarchs.

“I would like you to find out what happened with this whole situation with Ukraine, they say Crowdstrike… I guess you have one of your wealthy people… The server, they say Ukraine has it. There are a lot of things that went on, the whole situation. I think you’re surrounding yourself with some of the same people. I would like to have the Attorney General call you or your people and I would like you to get to the bottom of it,” said Trump.

In the New York Times this rather confusing text was interpreted unequivocally: Trump means that the Democratic Party, with the help of its friends from Ukraine, hacked itself in order to accuse Trump of colluding with Russia, and the server with Hillary Clinton’s missing correspondence, which was not seen by anyone from the FBI, but with which “Crowdstrike” worked exclusively, is located in Ukraine.

Former people’s deputy of the Verkhovna Rada of Ukraine Igor Lutsenko on his Facebook directly named this “wealthy person”.

“The co-founder of Crowdstrike is Dmitry Alperovich, who simultaneously takes a serious position in the Atlantic Council, which is generously financed by Viktor Pinchuk. Pinchuk financially supports not only ‘Washington experts’, but also Democrats in the United States. Pinchuk is the Ukrainian wealthy man Trump mentions,” wrote the politician.

It is no secret that the Ukrainian oligarch Pinchuk, who works closely with the Soros Foundation and other American structures, almost constantly lives in the United States and supports the Democrats, particularly Hillary Clinton. He transferred up to $25 million to her campaign fund. As usual, no one puts eggs in one basket. Pinchuk, according to Special Prosecutor Robert Mueller’s investigation, transferred about $150,000 to the Trump Foundation. The amounts of support are certainly not comparable, and yet such a fact has occurred.

However, line of links Pinchuk – the Atlantic Council – Crowdstrike can raise suspicions, but is not proof of Ukrainian interference. Trump may well have been bluffing, telling Zelensky that the servers are on the territory of Ukraine. Bloomberg generally calls it all cheap conspiracy, as the Atlantic Council is donating money to many people (from Facebook to the Norwegian Ministry of Defence), so it is impossible to unequivocally link Russian emigrant Alperovich to Ukrainian oligarch Pinchuk.

But in addition, on November 19th 2019, at a meeting of the Special Committee of the Lower House of Congress on Intelligence, the former Special Representative of the State Department for Ukraine Kurt Volker said the following:

“Another question is whether or not it is possible that some individual Ukrainians tried to influence the 2016 election or thought they would buy influence. This is at least plausible given Ukraine’s reputation for corruption.”

It is no longer just an opinion, but a testimoney, and about some “individual Ukrainians”. It’s unlikely that Kurt Volker risked too much in such an assessment. If there is too little evidence of Russian interference yet, Ukrainian interference in the 2016 US election is apparent, in at least one episode. It was in Ukraine, and politicians close to American Democrats published a kompromat about the former chief of staff Paul Manafort, who as a result was sentenced to real imprisonment by a US court.

READ:  Industry Outpost

Conclusion: there is no direct evidence that the hackers who breached the server of the Democratic Party were from Ukraine. But there definitely was Ukrainian interference in the 2016 US election.

The Democrat’s version of events

In addition to the CIA report with publicistic wording and a more respectable, but also based on the data of the unreliable company “Crowdstrike”, investigation of the Special Prosecutor Mueller, there are alternative investigations.

On July 26th 2017 William Binney, former technical director of the United States National Security Agency (NSA) for Geopolitical and Military Analysis, co-founder of the NSA Electronic Intelligence Automation Research Center, and his colleagues (17 specialists in total), presented Trump with their alternative investigation. Perhaps its authors are biased, too, but they make interesting arguments that can be partially verified.

According to the report, on the morning of July 5th 2016 someone connected either directly to the DNC server or to the DNC LAN and copied 1976 megabytes (almost 2 gigabytes) to an external device in 87 seconds. The report states that at this rate, data could not be transmitted via the Internet, which means that the documents were copied without the use of the Internet.

This thesis is easy to verify. 2 gigabytes = 16 gigabit = 16384 megabits – we get 188 megabits per second. This speed on the Internet is available only on a dedicated optical line. Moreover, not every server transmits data so quickly. As Internet security experts explained to Bombus, such a speed can be achieved when downloading from a torrent, but there is a protracted start – a whole minute’s connection can only be established.

Besides, the DNC server is definitely not a torrent, so downloading by hackers over the Internet is extremely unlikely. But 2GB of information in 87 seconds can be copied to a flash drive. Thus Guccifer 2.0, if such a person even exists, hacked the server not from Russia, but copied the information either directly from the DNC computer to the flash drive or through the local network.

The Cyrillic template with the task to cut/paste, presented as proof of interference by Russian hackers, was, according to the authors, a late insertion. And if that’s the case, then someone purposefully falsified the evidence.

In addition, the authors of the report claim that there were two “thefts”. First they downloaded the data, which eventually ended up on the “WikiLeaks” website. And only after the first leak became known, in July 2016, a second hack was carried out, the files of which were subjected to computer processing in order to confirm the participation of Russian hackers in this case. Interestingly, both leaks did not occur at all in the time zone of Moscow, as was claimed by “Crowdstrike”, but in the time zone of the east coast of the United States. Experts say that there is a high probability that the hacks were carried out by employees of the Democratic Party itself, and by two different people.

William Binney and others cite the following sequence of actions:

On June 12th Julian Assange announces that WikiLeaks is going to publish “emails related to Hillary Clinton”. On June 14th the DNC “CrowdStrike” contractor states that malware was found on the DNC server and claims that there is evidence that it was injected by the Russians. On June 15th an unknown person under the name “Guccifer 2.0” confirms the DNC’s statement, takes responsibility for the breach and admits to being a source of WikiLeaks.

Experts see this sequence of actions as a pre-emptive step designed to link Russia to information that “WikiLeaks” has threatened to publish.

William Binney writes: “WikiLeaks has not received stolen data from the Russian government. Internal metadata in WikiLeaks public files demonstrates that files received by WikiLeaks were delivered on a media such as a flash drive.”

In December 2016 former UK ambassador to Uzbekistan, and now human rights defender and partner of Julian Assange at WikiLeaks Craig Murray told the “Daily Mail” that Russia had nothing to do with the leak of Clinton’s emails, as in September of that year they were personally handed over to him by an informant from the Democratic Party in a park near Columbia University in Washington.

The leakers’ motivation was “disgust at the corruption of the Clinton Foundation and the ’tilting of the primary election playing field against Bernie Sanders,” said Murray.

Journalists of “The Duran” said that in mid-March 2019 the FBI director led, but unexpectedly interrupted, negotiations with Julian Assange to grant the journalist limited immunity. U.S. intelligence agencies and the Justice Department wanted to prevent the publication of some new leak, and get information about the “WikiLeaks” source that hacked the Democrat’s server.

On March 31st “WikiLeaks” did publish a new leak and unearthed CIA secrets, namely the Marble Framework system, through which, among other things, in 2016 intelligence hacked computers, masked hackers, and attributed the hack to third parties, leaving control signs, such as Cyrillic. Two weeks later, then CIA director Mike Pompeo called “WikiLeaks” a “non-state hostile intelligence service”, Ecuador’s new pro-America president Lenin Moreno, under US pressure, denied Assange asylum at the embassy and Julian Assange was arrested by London police on April 11th.

Conclusion: The download speed data and file metadata indicate that the Democrat’s secrets were copied onto a flash drive, and weren’t stolen by remote hackers. The hacker attack may have been a simulation.

Mystery informant and Seth Rich’s murder

But if it wasn’t Russian hackers and it wasn’t done over the Internet but copied onto a flash drive, who downloaded the Democratic Party’s files?

So, on July 5th 2016 a hack was carried out, and on July 10th Seth Rich, director of voter data protection at the DNC, was killed in mysterious circumstances in the Bloomingdale neighbourhood of Washington, about 30 blocks north of Capitol Hill, where the US Congress is located.

The Dutch Nettavisen then featured an equally mysterious interview with Julian Assange in which he made some hints.

“There was one person 27-year-old who worked for the Democrats, he got shot in the back and was killed a few weeks ago for unknown reasons as he walked down a street in Washington.”

“I suppose it was just a robbery?”

“No, nothing indicates that.”

“What are you implying?”

“I suggest that our sources of information are at risk and that they have concerns when faced with similar cases.”

Was he one of your sources?

“We never give comments about those who are our sources.”

“Then why are you referring to the 27-year-old man who was killed in Washington?”

“Because we have to realise how much is at stake in the game taking place in the US, and that our sources are seriously threatened. They come to us precisely because we can protect their anonymity.”

Assange did not call Rich his informant, but nevertheless for some reason mentioned him in a conversation about the sources of WikiLeaks. The same goes for FoxNews, who ask questions about Rich’s death. At around 4 he was coming home from the bar and talking to his girlfriend on the phone. Suddenly he said he would call her back later and hung up. A few hours later he was found with two bullet wounds and a little later he died in hospital. The camera recorded the moment of the attack. The faces of the gunmen cannot be made out, but it can be seen that this is not a robbery – they did not take money, a watch, or a smartphone. So far, the investigation has produced no results at all.

Due to police inactivity, Seth Rich’s parents were forced to turn to a private detective, Wheeler, who explicitly said that this was not a common crime, the case was likely “related to a whole web of problems in Washington”, and the answer lay in the FBI computer.

Interestingly, a federal investigator familiar with the content of the FBI’s report on Rich’s murder who wished to remain anonymous told FoxNews that Rich had been in contact with the now-late but then-London-based WikiLeaks director Gavin MacFadyen on several occasions. The article is in the cache, but the material has somehow been removed from the link on the website.

It also said that Seth Rich handed McFaiden some 44,053 letters from January 2015 to the end of May 2016, but the FBI may have data on this, while the Washington police are investigating.

Correspondence from Democratic Party members was published by WikiLeaks on July 22nd, 12 days after Rich’s murder.

Seth Rich wasn’t just an employee of the Democratic Party. He supported Bernie Sanders and got into the DNC on the patronage of eco-activist and also Sanders fan Jane Kleeb.

The journalist, filmmaker, human rights activist, leftist, and WikiLeaks anarchist Gavin MacFadyen has generally been friends with Sanders since the 1960s. Given that the leak did not occur during the Clinton/Trump presidential battle, but during the Democrat Clinton/Sanders primary, one can assume that the point of the leak was to help Sanders get around Hillary by exposing her as a fraud and corrupt.

Please note that this is one version, and not a fact. But it has plausible logic.

Conclusion: The leak may have been organised by the officer of the Democrat apparatus, Seth Rich, who was killed in mysterious circumstances.

Pakistani IT workers

In 2016, in addition to the theft of Democratic Party data, there was another resonant theft of data – from the computers of the US Parliament. The Russian trace in this theft has not yet been sought, and most of the accused are Pakistani, employees of the Democratic Party itself.

READ:  Russia’s “Artificial Default” - The Right Way to a New Global Financial System?

House investigators found during a four-month investigation that Democratic Party IT officials Imran Awan, his wife Hina Alvi, his brothers Abid and Jamal, his friend Rao Abbas, Abid’s wife Ukrainian Natalia Sova, and Haseeb Rana made an unauthorised entrance to the servers of the United States Congress in 2016, gaining access to data from members of Congress.

Awan was detained in the summer of 2017 at Dulles Airport while trying to leave the United States. Among the charges against him are collecting confidential information, sending it to a secret server, and copying the data of Democrat congressmen to the forbidden for Congress, but popular and open storage “Dropbox”.

Imran Awan has been an assistant to the head of the DNC, Debbie Wasserman-Schultz, since 2005 and had access to both ad hoc intelligence committee material and the Wasserman-Schultz personal computer, right up to email. I.e., he had access in the Democratic Party to almost everything.

“Wikileaks” even released emails that show DNC officials called Awan when they needed Wasserman-Schultz’s password.

It is indicative, by the way, that as a result of an internal investigation in the DNC, one single person was dismissed, and not in the case of “Russian hackers”, but just the former head of the National Committee Debbie Wasserman-Schultz.

Wasserman-Schultz said that she continued to pay Awan and his wife a salary after the suspicion of the intelligence agencies (when they were going to leave for 6 months in Pakistan) and did not terminate the contract with them even after the establishment of a criminal case and arrest. The explanation for this behaviour was rather strange. She considered Awan and his wife to be victims of anti-Muslim sentiment in the United States.

In August 2017 the US Department of Justice revealed the details of the investigation. Inspector General Michael Ptasienski said Awan and others could create accounts, view, download, update, and delete any information.

The former business partner of Imran Awan’s father’s, Rashid Minhas, told the “Daily Caller” that Imran’s father, Haji Ashraf Awan, had handed Pakistan’s senator, former head of Pakistan’s intelligence agency and former Pakistan Interior Minister Rehman Malik a certain USB drive. And Imran Awan himself boasted that he had the power to “change the US president”.

“Imran Awan said to me directly these words: ‘See how I control White House on my fingertip…’ He say he can fire the prime minister or change the U.S. president,” said Minhas, who is currently in American prison for fraud and is surprised that neither the Department of Justice nor the FBI have ever tried to take evidence from him about Awan and his family.

Thus, there were many people in the Democratic Party, as proved by the American investigation, who stole data without Russian hackers, and Imran Awan also boasted about it.

Conclusion: The leak could’ve been organised by an employee of the IT service of the Democratic Party and a personal assistant to the head of the National Council of the party Imran Awan, who was arrested for breaking into other computers.

Is Assange guilty?

Despite the fact that the office of the Democratic Party had many who could and wanted to leak data, the National Council of the Party filed a lawsuit against Russia in April 2018. And against the GRU, “WikiLeaks” and Julian Assange, Paul Manafort, and Trump’s son-in-law Jared Kushner. All of them, according to the lawsuit, are involved in conspiracy to harm the Democrat candidate Hillary Clinton by distributing stolen documents.

But on July 31st 2018 the case was closed. The court order states:

“If WikiLeaks could be held liable for publishing documents concerning the political financial and voter engagement strategies simply because the DNC labels them secret and trade secrets, then so could any newspaper or other media outlet.”

Since the Democratic Party did not provide evidence that “WikiLeaks” participated in the hacking, and the documents, according to the Democratic Party representatives themselves, were of public importance, their publication is protected by the 1st Amendment of the US Constitution. Thus, Assange did not violate the law by publishing Democrat correspondence.

On July 16th 2019 CNN claimed that the editor has access to photos and videos that allegedly confirm that Assange played along with Trump in the 2016 election. These images and videos (a previous London court hearing on Assange’s extradition revealed that they were made illegally by American intelligence agencies) show a hacker, Andrew Müller-Maguhn, visiting Julian’s Ecuadorian embassy.

This Müller-Maguhn, according to Special Prosecutor Robert Mueller, could have transferred the stolen documents for their publication on “WikiLeaks”. This Mueller data points to a new suspect, but it’s quite contradictory. For example, it is not clear: if Russian hackers broke into the Democrat’s server and emailed the archive, why would someone bring something to the embassy. Müller-Maguhn is believed to be somehow linked to Russia because he took part in Assange’s TV programme that has aired on RT several times. A very weak argument; it is enough to be associated with Assange or simply to be an interesting TV channel expert. It is stated that “Guccifer 2.0” is a hacker of GRU, although it is unclear where such data is from, because even their identity hasn’t been established.

Former NSA Technical Director William Binney sees the oddity that neither Assange, who knows exactly where he got the information from, nor Müller-Maguhn, who Special Counsel Mueller considers to be the courier of the leaks, have been questioned. And Special Prosecutor Mueller for his investigation did not require analysis of the DNC server or analysis of Seth Rich’s computer, and did not even ask Binney himself about the results of his analysis regarding the speed of data transmission.

Conclusion: Andrew Müller-Maguhn may have been the courier of the leak, since he met Assange.

What we were able to establish:

  • The FBI did not have access to Democrat servers and could not obtain its data analysis;
  • Only the private company hired by the Democratic Party with a poor reputation “CrowdStrike” had access;
  • The report of “Crowdstrike” concerning Russian hackers “Cozy Bear” and “Fancy Bear” was a draft. No one knows how these conclusions were confirmed;
  • The only evidence of Russian interference provided to the public are traces of Cyrillic layout and the signature of “Felix Edmundovich” on a number of word documents;
  • The CIA report on Trump’s collusion with Russia is based solely on “Crowdstrike” data and is written not in the genre of analytics, but in the genre of cheap propaganda;
  • Trump’s collusion with Russia is refuted by Special Counsel Mueller’s investigation and the court’s findings in DNC v. WikiLeaks;
  • Democrat employee and Sanders supporter Seth Rich was killed after sending some files to Sanders’ now-late friend and WikiLeaks employee Gavin MacFadyen. This murder has still not been investigated;
  • Former UK ambassador and now WikiLeaks employee Craig Murray reported that he received data from his informant on a flash drive in Washington;
  • An investigation by former NSA employee William Binney found that such a volume of information could only be downloaded in such time to a flash drive and the files published by “Wikileaks” were obtained not by e-mail, but on physical media;
  • Special Attorney Mueller suggests that “Guccifer 2.0” sent the files to Assange either by email or brought to the Ecuadorian embassy personally by ​​Assange’s colleague-hacker Müller-Maguhn, or an unknown person with glasses and a mask. It is impossible to prove this, as well as the connection of these people to Russia.
  • Nobody yet knows who “Guccifer 2.0” is;
  • Neither Assange, Müller-Maguhn, Murray, nor Binney have testified;
  • After the breach DNC chief Wasserman-Schultz was fired. Her personal assistant hacker Imran Awan was arrested while trying to fly to Pakistan for unauthorised access to congressional files. He had access to DNC servers, and his father allegedly handed the Pakistani intelligence services some flash drive with kompromat on the US authorities;
  • Trump, Manafort, and others believe that Ukrainian hackers were involved in the breach and DNC servers are hidden in Ukraine.

What follows from this

The case may be as dark and dirty as Kennedy’s murder. Democrats, Republicans, the FBI, and the CIA are both interested in misrepresenting the issue for their own reasons. The “Russian trace”, in general, suits everyone, even Republicans, unless it leads to Trump.

The case has become overgrown with such conspiracy theological details that it is almost impossible to break through them. What is the result?

Could Russia theoretically interfere, hack, and leak? Of course.

Is there credible evidence of this? No.

Could it have been Trump’s trick to win the election? Of course. Is there credible evidence of this? No.

Could it have been a quarrel inside the Democratic Party? Of course. The main content of the leak is the fraud committed by the party’s leadership in favour of candidate Clinton against candidate Sanders during the primary. And the leak occurred during the primary. There were definitely both Sanders supporters and those who steal data in the party. And these hackers are even in jail.

But this is just a plausible version, and not a fact. There is no direct evidence of either.


Pavel Volkov

Copyright © 2022. All Rights Reserved.