Justice Department Indicts 12 Russian Nationals Tied to 2016 Election Hacking

Indictments are part of special counsel Robert Mueller’s investigation of Russian interference in the 2016 elections.

The United States Justice Department on Friday announced 12 indictments against Russian nationals, accusing them of engaging in a “sustained effort” to hack Democrats’ emails and computer networks.

According to Rod Rosenstein, United States deputy Attorney General, all 12 defendants are members of the GRU, a Russian federation intelligence agency. Rosenstein accused all 12 of involvement in hacking Hillary Clinton’s presidential campaign, the Democratic National Committee and the Democratic Congressional Campaign Committee. It accuses them of intention to “release that information on the internet under the names DCLeaks and Guccifer 2.0.”

The Justice Department was careful to stress that there is no allegation in the indictment that any American was a knowing participant in the alleged criminal activity and that no assertion is being made that alleged criminal activity “altered the vote count or changed the outcome of the 2016 election.”

Rosenstein said the 12 that were indicted were officials in Unit 26165 and Unit 74455 of the Russian government’s Main Intelligence Directorate.

The DOJ alleges, in 2016, officials in Unit 26165 began targeting volunteers and employees of the presidential campaign of Hillary Clinton, including the campaign’s chairman, with spear phishing messages.

The release of embarrassing DNC documents humiliated Clinton’s campaign chairman John Podesta and eventually lead to the resignation of then-DNC Chairwoman Debbie Wasserman-Schultz.

“Through that process, officials in this unit were able to steal the usernames and passwords for numerous individuals and use those credentials to steal email content and hack into other computers,” according to the Justice Department.  “They also were able to hack into the computer networks of the Democratic Congressional Campaign Committee (DCCC) and the Democratic National Committee (DNC) through these spearphishing techniques to steal emails and documents, covertly monitor the computer activity of dozens of employees, and implant hundreds of files of malicious computer code to steal passwords and maintain access to these networks.”

The indictment also accuses Unit 26165 with collaborating with Unit 74455 “to plan the release of the stolen documents for the purpose of interfering with the 2016 presidential election.” Rosenstein said that the defendants registered the domain DCLeaks.com, which was later used to release thousands of stolen emails and documents under the guise of being “American hacktavists.”

The groups allegedly used fake Facebook and Twitter accounts to promote the DCLeaks.com website.

“After public accusations that the Russian government was behind the hacking of DNC and DCCC computers, defendants created the fictitious persona Guccifer 2.0. On the evening of June 15, 2016 between 4:19PM and 4:56PM, defendants used their Moscow-based server to search for a series of English words and phrases that later appeared in Guccifer 2.0’s first blog post falsely claiming to be a lone Romanian hacker responsible for the hacks in the hopes of undermining the allegations of Russian involvement,” according to the Justice Department.

The alleged hacking didn’t stop at the Clinton campaign and also included “state boards of elections, secretaries of state, and US companies that supplied software and other technology related to the administration of elections to steal voter data stored on those computers.”

In all, Russian nationals face 11 criminal counts:

  • Count One alleges a criminal conspiracy to commit an offense against the United States through cyber operations by the GRU that involved the staged release of stolen documents for the purpose of interfering with the 2016 president election;
  • Counts Two through Nine charge aggravated identity theft for using identification belonging to eight victims to further their computer fraud scheme;
  • Count Ten alleges a conspiracy to launder money in which the defendants laundered the equivalent of more than $95,000 by transferring the money that they used to purchase servers and to fund other costs related to their hacking activities through cryptocurrencies such as bitcoin; and
  • Count Eleven charges conspiracy to commit an offense against the United States by attempting to hack into the computers of state boards of elections, secretaries of state, and US companies that supplied software and other technology related to the administration of elections.

Suggested articles

It’s Not the Trump Sex Tape, It’s a RAT

Criminals are using the end of the Trump presidency to deliver a new remote-access trojan (RAT) variant disguised as a sex video of the outgoing POTUS, researchers report.

biggest headlines 2020

The 5 Most-Wanted Threatpost Stories of 2020

A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year.