The Daily Beast has an exclusive report discussing how Guccifer 2.0, the self-purported lone DNC hacker, appears to have slipped up in tradecraft and inadvertently revealed himself to be a Russian intelligence officer:
Guccifer famously pretended to be a “lone hacker” who perpetrated the digital DNC break-in. From the outset, few believed it. Motherboard conducted a devastating interview with Guccifer that exploded the account’s claims of being a native Romanian speaker. Based on forensic clues in some of Guccifer’s leaks, and other evidence, a consensus quickly formed among security experts that Guccifer was completely notional.
Proving that link definitively was harder. Ehmke led an investigation at ThreatConnect that tried to track down Guccifer from the metadata in his emails. But the trail always ended at the same data center in France. Ehmke eventually uncovered that Guccifer was connecting through an anonymizing service called Elite VPN, a virtual private networking service that had an exit point in France but was headquartered in Russia.
But on one occasion, The Daily Beast has learned, Guccifer failed to activate the VPN client before logging on. As a result, he left a real, Moscow-based Internet Protocol address in the server logs of an American social media company, according to a source familiar with the government’s Guccifer investigation. Twitter and WordPress were Guccifer 2.0’s favored outlets. Neither company would comment for this story, and Guccifer did not respond to a direct message on Twitter.
Working off the IP address, U.S. investigators identified Guccifer 2.0 as a particular GRU officer working out of the agency’s headquarters on Grizodubovoy Street in Moscow.
There are a few angles from which to look at this. Primarily, if this is true, it is a major slip-up in GRU cyber tradecraft. Failure to activate a VPN is a huge issue, and not something seasoned actors would normally do.
However, Putin seems unconcerned about being accused of taking part in the DNC hacks, or about any potential connections to the Trump campaign. He just won a new term in a sham election, and likely does not see this find as a big deal.
So what? What will the United States do that could potentially harm Russia? It is not like the Trump Administration has taken a strong stance on Russia.
Finally, the security world had all but decided Guccifer 2.0 was Russian intelligence. This merely adds one additional data point to a lot of data pointing towards the GRU. So really it is not a major find in the grand scheme.