"Guccifer 2.0" is a persona which claimed to be the hacker(s) who gained unauthorized access to the Democratic National Committee (DNC) computer network and then leaked its documents to the media, the website WikiLeaks, and a conference event. Some of the documents "Guccifer 2.0" released to the media appear to be forgeries cobbled together from public information and previous hacks, which had been mixed with disinformation. According to indictments in February 2018, the persona is operated by Russian military intelligence agency GRU. On July 13, 2018, Special Counsel Robert Mueller indicted 12 GRU agents for allegedly perpetrating the cyberattacks.
The U.S. Intelligence Community concluded that some of the genuine leaks from "Guccifer 2.0" were part of a series of cyberattacks on the DNC committed by two Russian military intelligence groups, and that "Guccifer 2.0" is actually a persona created by Russian intelligence services to cover for their interference in the 2016 U.S. presidential election. This conclusion is based on analyses conducted by multiple private sector cybersecurity individuals and firms, including CrowdStrike, Fidelis Cybersecurity, FireEye's Mandiant, SecureWorks, ThreatConnect, Trend Micro, and the security editor for Ars Technica. The Russian government denies involvement in the theft, and "Guccifer 2.0" denied links to Russia. WikiLeaks founder Julian Assange said multiple parties had access to DNC emails and that there was "no proof" Russia was behind the attack. In March 2018, Special Counsel Robert Mueller took over investigation of Guccifer 2.0 from the FBI while it was reported that forensic determination had found the Guccifer 2.0 persona to be a "particular military intelligence directorate (GRU) officer working out of the agency's headquarters on Grizodubovoy Street in Moscow".
On June 21, 2016, in an interview with Vice, "Guccifer 2.0" said he is Romanian, which is the nationality of Marcel Lazar Lehel, the Romanian hacker who originally used the "Guccifer" pseudonym. On June 30, 2016 and January 12, 2017, "Guccifer 2.0" stated that he is not Russian. However, despite stating that he was unable to read or understand Russian, metadata of emails sent from Guccifer 2.0 to The Hill showed that a predominantly-Russian-language VPN was used. When pressed to use the Romanian language in an interview with Motherboard via online chat, "he used such clunky grammar and terminology that experts believed he was using an online translator." Linguistic analysis by Shlomo Engelson Argamon showed that Guccifer 2.0 is most likely "a Russian pretending to be a Romanian".
Some cybersecurity experts have concluded that "Guccifer 2.0" is likely a creation of the Russian state-sponsored hacking groups thought to have executed the attack, invented to cover up Russian responsibility. The cybersecurity firm CrowdStrike, which was hired by the DNC to analyze the data breach, "posits that Guccifer 2.0 could be 'part of a Russian Intelligence disinformation campaign'", i.e. a creation to deflect blame for the theft. Russia has made use of the invention of "a lone hacker or an hacktivist to deflect blame" in the past, deploying this strategy in previous cyberattacks on the German government and the French network TV5Monde. Thomas Rid of King's College London, a cybersecurity expert, says it is "'more likely than not' that the whole operation, including the Guccifer 2.0 part, was orchestrated by Russian spies." The hackers responsible for the DNC email leak (a group called Fancy Bear by CrowdStrike) seem to have not been working on the DNC's servers on April 15 which in Russia is a holiday in honor of the Russian military's electronic warfare services.
On July 18, 2016, Russian government spokesman Dmitry Peskov denied Russian government involvement in the DNC theft. On July 25, 2016, during an interview with Democracy Now!, Julian Assange, editor in chief of WikiLeaks, said no one knows WikiLeaks' sources. He adds that "the dates of the emails that [WikiLeaks] published are significantly after all—or all but one, it is not clear—of the hacking allegations that the DNC says have occurred." The same day, Assange told NBC News that "it's what's in the emails that's important, not who hacked them." When asked by NBC News if WikiLeaks might have been used to distribute documents stolen as part of a Russian intelligence operation, Assange replied: "There is no proof of that whatsoever. We have not disclosed our source." Assange said this was "a diversion that's being pushed by the Hillary Clinton campaign." Assange in 2012 hosted a program on RT, a Russian state-run news channel. U.S. intelligence analyst Malcolm Wrightson Nance said Assange has long disliked Clinton.
The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations. The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts. These thefts and disclosures are intended to interfere with the U.S. election process. Such activity is not new to Moscow—the Russians have used similar tactics and techniques across Europe and Eurasia, for example, to influence public opinion there. We believe, based on the scope and sensitivity of these efforts, that only Russia's senior-most officials could have authorized these activities.
In March 2018, The Daily Beast, citing U.S. government sources, reported that Guccifer 2.0 is in fact a Russian GRU officer, explaining that Guccifer once forgot to use a VPN, leaving IP logs on "an American social media company" server. The IP address was used by U.S. investigators to identify Guccifer 2.0 as "a particular GRU officer working out of the agency's headquarters on Grizodubovoy Street in Moscow."
Twitter suspended the persona's account on July 14, 2018 for "being connected to a network of accounts previously suspended for operating in violation of our rules." The account had been dormant for at least a year and a half.
Computer hacking claims
On July 18, 2016, Guccifer 2.0 provided exclusively to The Hill numerous documents and files covering political strategies, including correlating the banks that received bailout funds with Republican Party and Democratic Party donations.
On September 13, 2016, during a conference, an unknown and remote representative of Guccifer 2.0 released almost 700 megabytes (MB) worth of documents from the DNC. Forbes also obtained a copy of those. Still according to Forbes, on September 12, 2016, ahead of that conference, Guccifer posted a public Twitter message in which he confirmed that his representative was legitimate. The Russian government denied any involvement. The DNC, the DCCC, U.S. intelligence officials, and other experts speculated about Russia involvement. NGP VAN, who state they are the "leading technology provider" for the Democratic campaigns, declined to comment on Guccifer 2.0's recent statements.
On October 4, 2016, Guccifer 2.0 released documents and claimed that they were taken from the Clinton Foundation and showed "corruption and malfeasance" there. Security experts quickly determined that the release was a hoax; the release did not contain Clinton Foundation documents, but rather consisted of documents previously released from the DNC and DCCC thefts, data aggregated from public records, and documents that were fabricated altogether as propaganda. Singled out as particularly absurd was the idea that Clinton's team would have actually named a file "Pay for Play" on their own server, as Guccifer 2.0's screenshots of the alleged "hack" show. Former Trump confidant Roger Stone was in contact with Guccifer 2.0 during the campaign.
The Guccifer 2.0 persona went dark just before the U.S. presidential election, and resurfaced on January 12, 2017, following the public release of the Steele dossier that asserted the Trump campaign was cooperating with the Russians in their interference in the 2016 presidential election. The dossier also asserted that "Romanian hackers" had performed the hacks.
The Guccifer 2.0 persona made a blog post denying that they had any relation to the Russian government, and calling the technical evidence suggesting links to the Russian government "a crude fake." In the blog post, Guccifer 2.0 indicated they had gained access to the DNC servers through a vulnerability in their NGP VAN software.
Timeline of Guccifer 2.0
- June: Around this time, the conspirators charged in the July 2018 indictment stage and release tens of thousands of stolen emails and documents using fictitious online personas, including "DCLeaks" and "Guccifer 2.0".
- June 15: "Guccifer 2.0" (GRU) claims credit for the DNC hacking and posts some of the stolen material to a website. CrowdStrike stands by its "findings identifying two separate Russian intelligence-affiliated adversaries present in the DNC network in May 2016." Gawker publishes an opposition research document on Trump that was stolen from the DNC. "Guccifer 2.0" sent the file to Gawker.
- June 22: WikiLeaks reaches out to "Guccifer 2.0" via Twitter. They ask "Guccifer 2.0" to send them material because it will have a bigger impact if they publish it. They also specifically ask for material on Clinton they can publish before the convention.
- July 6: "Guccifer 2.0" releases another cache of DNC documents and sends copies to The Hill.
- July 13: "Guccifer 2.0" releases over 10,000 names from the DNC in two spreadsheets and a list of objectionable quotes from Sarah Palin.
- July 14: "Guccifer 2.0" sends Assange an encrypted one-gigabyte file containing stolen DNC emails, and Assange confirms that he received it. WikiLeaks publishes the file's contents on July 22.
- July 18: "Guccifer 2.0" dumps a new batch of documents from the DNC servers, including personal information of 20,000 Republican donors and opposition research on Trump.
- August 5: Stone writes an article for Breitbart News in which he insists "Guccifer 2.0" hacked the DNC, using statements by "Guccifer 2.0" on Twitter and to The Hill as evidence for his claim. He tries to spin the DNC's Russia claim as a coverup for their supposed embarrassment over being penetrated by a single hacker. The article leads to "Guccifer 2.0" reaching out to and conversing with Stone via Twitter.
- August 12:
- Journalist Emma Best has two simultaneous conversations by Twitter direct message with "Guccifer 2.0" and WikiLeaks. Best tries to negotiate the hosting of stolen DNC emails and documents on archive.org. WikiLeaks wants Best to act as an intermediary to funnel the material from "Guccifer 2.0" to them. The conversation ends with "Guccifer 2.0" saying he will send the material directly to WikiLeaks.
- "Guccifer 2.0" releases a cache of documents stolen from the Democratic Congressional Campaign Committee.
- August 13:
- August 15:
- A candidate for Congress allegedly contacts Guccifer 2.0 to request information on the candidate's opponent. Guccifer 2.0 responds with the requested stolen information.
- Guccifer 2.0 begins posting information about Florida and Pennsylvania races stolen from the DCCC.
- The GRU stops its five-attempts-per-second attack on the Illinois State Board of Elections servers.
- August 16: Stone sends "Guccifer 2.0" an article he wrote for The Hill on manipulating the vote count in voting machines. "Guccifer 2.0" responds the next day, "@RogerJStoneJr paying u back".
- August 22:
- Florida GOP campaign advisor Aaron Nevins contacts Guccifer 2.0 and asks for material. Nevins sets up a Dropbox account and "Guccifer 2.0" transfers 2.5 gigabytes of data into it. Nevins analyzes the data, posts the results on his blog, HelloFLA.com, and sends "Guccifer 2.0" a link. "Guccifer 2.0" forwards the link to Stone.
- "Guccifer 2.0" allegedly sends DCCC material on Black Lives Matter to a reporter, and they discuss how to use it in a story. "Guccifer 2.0" also gives the reporter the password for accessing emails stolen from Clinton's staff that were posted to "Guccifer 2.0's" website but had not yet been made public. On August 31, The Washington Examiner publishes a story based on the material the same day the material is released publicly on Guccifer 2.0's website.
- August 23: The Smoking Gun reaches out to "Guccifer 2.0" for comment on its contacts with Stone. "Guccifer 2.0" accuses The Smoking Gun of working with the FBI.
- August 31: "Guccifer 2.0" leaks campaign documents stolen from House Minority Leader Nancy Pelosi's hacked personal computer.
- September 3–5: Wealthy Republican donor Peter W. Smith gathers a team to try to acquire the 30,000 deleted Clinton emails from hackers. He believes Clinton's private email server was hacked and copies of the emails were stolen. Among the people recruited are former GCHQ information-security specialist Matt Tait, alt-right activist Charles C. Johnson, former Business Insider CTO and alt-right activist Pax Dickinson, "dark web expert" Royal O'Brien, and Jonathan Safron. Tait quickly abandons the team after learning the true purpose of the endeavor. Hackers contacted in the search include "Guccifer 2.0" and Andrew Auernheimer (a.k.a. "weev"). The team finds five groups of hackers claiming to have the emails. Two of the groups are Russian. Flynn is in email contact with the team. Smith commits suicide on May 14, 2017, about ten days after telling the story to The Wall Street Journal but before the story is published in June.
- September 15: "Guccifer 2.0" sends a Twitter direct message to DCLeaks informing them that WikiLeaks is trying to contact them to set up communications using encrypted emails.
- October 5: Trump Jr. retweets a WikiLeaks tweet announcing an "860Mb [sic]" archive of various Clinton campaign documents from "Guccifer 2.0".The Minority Members of the House Permanent Select Committee on Intelligence (March 26, 2018). "Minority Views" (PDF). Retrieved April 24, 2019.</ref>
- October 7: At 12:40 p.m. EDT, The DHS and the ODNI issue a joint statement accusing the Russian government of breaking into the computer systems of several political organizations and releasing the obtained material via DCLeaks, WikiLeaks, and "Guccifer 2.0", with the intent "to interfere with the U.S. election process."
- January 12: "Guccifer 2.0" denies having any relation to the Russian government.
- March 10: Roger Stone admits to communicating with Guccifer 2.0.
- March 13: Senate Intelligence Committee Chairman Richard Burr says Roger Stone's communications with Guccifer 2.0 are part of the Committee's ongoing investigation.
- March 22: The Daily Beast reports that Guccifer 2.0, the "lone hacker" who took credit for providing WikiLeaks with stolen emails from the Democratic National Committee, was in fact an officer of Russia's military intelligence directorate (GRU) and that Mueller has taken over the investigation into his criminal activities and his direct contact with Stone.
- June 18: Lawyers for Andrew Miller, a former associate of Roger Stone, challenge in court a subpoena he received for information about Stone, WikiLeaks, "Guccifer 2.0", "DCLeaks", and Julian Assange. Miller's lawyer Alicia Dearn asserts at the hearing that Miller had asked for immunity regarding political action committee transactions involving himself and Stone.
- DC Leaks
- Hillary Clinton controversies
- Mueller Report
- Podesta emails
- Russian interference in the 2016 United States elections
- Uchill, Joe (July 13, 2016). "Guccifer 2.0 releases new DNC docs". The Hill. Retrieved July 27, 2016.
- Joe, Uchill (July 18, 2016). "New Guccifer 2.0 dump highlights 'wobbly Dems' on Iran deal". The Hill. Retrieved July 27, 2016.
- Savage, Charlie (July 26, 2016). "Assange, Avowed Foe of Clinton, Timed Email Release for Democratic Convention". NYT. Retrieved August 4, 2016.
- Uchill, Joe (July 22, 2016). "WikiLeaks posts 20,000 DNC emails". The Hill. Retrieved July 24, 2016.
- "'Lone Hacker' Claims Responsibility for Cyber Attack on Democrats". NBC News. June 16, 2016. Retrieved July 27, 2016.
- Biddle, Sam (July 22, 2016). "New Leak: Top DNC Official Wanted to Use Bernie Sanders's Religious Beliefs Against Him". The Intercept. Retrieved July 24, 2016.
- Cox, Joseph (July 22, 2016). "Guccifer 2.0 Claims Responsibility for WikiLeaks DNC Email Dump". Motherboard. Retrieved July 27, 2016.
- Fox-Brewster, Thomas (September 13, 2016). "Democrat Hacker Guccifer 2.0 'Appears' At London Show—Here's What Was Said". Forbes. Retrieved September 23, 2016.
- Vankin, Jonathan (October 4, 2016). "READ: Guccifer 2.0 Clinton Foundation Hacked Documents". Heavy.com. Retrieved October 8, 2016.
- Williams, Katie Bo (October 4, 2016). "Alleged Guccifer 2.0 hack of Clinton Foundation raises suspicions". The Hill. Retrieved October 8, 2016.
- Gallagher, Sean. "Guccifer 2.0 posts DCCC docs, says they're from Clinton Foundation". Ars Technica. Retrieved October 21, 2016.
- 12 Russians indicted in Mueller investigation. CNN.com, July 13, 2018
- "Spy Agency Consensus Grows That Russia Hacked D.N.C." New York Times. Retrieved July 26, 2016.
- Shieber, Jonathan; Conger, Kate. "Did Russian government hackers leak the DNC emails?". TechCrunch. Retrieved July 26, 2016.
- Rid, Thomas (July 25, 2016). "All Signs Point to Russia Being Behind the DNC Hack". Motherboard. Retrieved July 25, 2016.
- "DNC email leak: Russian hackers Cozy Bear and Fancy Bear behind breach". The Guardian. July 26, 2016.
- Rob Price, Yes, Russia really did hack the Democratic National Committee, Business Insider (June 21, 2016).
- Lorenzo Franceschi-Bicchierai, 'Guccifer 2.0' Is Likely a Russian Government Attempt To Cover Up Their Own Hack, VICE News (June 16, 2016).
- Dmitri Alperovitch, Bears in the Midst: Intrusion into the Democratic National Committee, Crowdstrike (June 15, 2016).
- Ellen Nakashima, Cyber researchers confirm Russian government hack of Democratic National Committee, Washington Post (June 20, 2016).
- Michael Kan, Russian hackers were behind DNC breach, says Fidelis Cybersecurity, IDG News Service (June 20, 2016).
- SecureWorks Counter Threat Unit Threat Intelligence, Threat Group-4127 Targets Hillary Clinton Presidential Campaign Archived 2016-07-20 at the Wayback Machine, SecureWorks (June 16, 2016).
- Threatconnect Research Team, Shiny Object? Guccifer 2.0 and the DNC Breach, Threatconnect (June 29, 2016).
- Feike Hacquebord (2017). Two Years of Pawn Storm—Examining an Increasingly Relevant Threat (PDF) (Report). Trend Micro.
This makes it very likely that Guccifer 2.0 is a creation of the Pawn Storm actor group.
- Dan Goodin, "Guccifer" leak of DNC Trump research has a Russian's fingerprints on it: Evidence left behind shows leaker spoke Russian and had affinity for Soviet era, Ars Technica (June 16, 2016).
- Moscow denies Russian involvement in U.S. DNC hacking, Reuters (June 14, 2016).
- Franceschi-Bicchierai, Lorenzo (June 21, 2016). "We Spoke to DNC Hacker 'Guccifer 2.0'". Motherboard. VICE News. Retrieved July 29, 2016.
- Franceschi-Bicchierai, Lorenzo (January 12, 2017). "Alleged Russian Hacker 'Guccifer 2.0' Is Back After Months of Silence". Motherboard. VICE News.
- Alex Johnson, WikiLeaks' Julian Assange: 'No Proof' Hacked DNC Emails Came From Russia, NBC News (July 25, 2016).
- Ackerman, Spencer; Poulsen, Kevin (March 22, 2018). "EXCLUSIVE: 'Lone DNC Hacker' Guccifer 2.0 Slipped Up and Revealed He Was a Russian Intelligence Officer". The Daily Beast. Retrieved March 23, 2018.
But on one occasion (...) Guccifer failed to activate the VPN client before logging on. As a result, he left a real, Moscow-based Internet Protocol address in the server logs of an American social media company. (...) Working off the IP address, U.S. investigators identified Guccifer 2.0 as a particular GRU officer working out of the agency's headquarters on Grizodubovoy Street in Moscow.
- Franceschi-Bicchierai, Lorenzo (June 21, 2016). "Here's the Full Transcript of Our Interview With DNC Hacker 'Guccifer 2.0'". Motherboard. VICE News. Retrieved August 3, 2016.
- Guccifer 2.0 (June 30, 2016). "FAQ from Guccifer 2.0". GUCCIFER 2.0. Retrieved July 24, 2016.
- McBride, Jessica (July 25, 2016). "Guccifer 2.0: 5 Fast Facts You Need to Know". Heavy. Retrieved July 27, 2016.
- Guccifer 2.0 (January 12, 2017). "Here I am Again, My Friends!". GUCCIFER 2.0. Retrieved February 25, 2017.
- Joe Uchill, Evidence mounts linking DNC email hacker to Russia, The Hill (July 26, 2016).
- Savage, Charlie; Perlroth, Nicole (July 27, 2016). "Is D.N.C. Email Hacker a Person or a Russian Front? Experts Aren't Sure". The New York Times.
- "Multa Verba: Guccifer 2.0: Russian, not Romanian". July 27, 2016.
- "Russian government hackers penetrated DNC, stole opposition research on Trump". Washington Post. Retrieved December 14, 2016.
- Economist, Staff of (September 24, 2016). "Bear on bear". Economist. Retrieved October 25, 2016.
- "Hacker Guccifer 2.0 claims new DNC data leak | Fox News". Fox News. July 18, 2016. Retrieved July 25, 2016.
- Democracy Now! (July 25, 2016), EXCLUSIVE: WikiLeaks' Julian Assange on Releasing DNC Emails That Ousted Debbie Wasserman Schultz, retrieved July 26, 2016
- Johnson, Alex (July 25, 2016). "Julian Assange: 'No Proof' Hacked DNC Emails Came From Russia". NBC News. Retrieved July 26, 2016.
- J. Clara Chan, WikiLeaks' Julian Assange Denies Russian Role in DNC Hack: 'No Proof Whatsoever', The Wrap (republished on Yahoo News) (July 25, 2016).
- Ellis, Emma Grey (July 27, 2016). "WikiLeaks Has Officially Lost the Moral High Ground". Wired. Retrieved October 13, 2016.
- "The Julian Assange Show". RT International. Retrieved June 30, 2018.
- Zappone, Chris (September 14, 2016). "Wikileaks drops latest Guccifer 2.0 data on Hillary Clinton, DNC, Democrats". Sydney Morning Herald. Retrieved October 13, 2016.
- Joint Statement from the Department of Homeland Security and Office of the Director of National Intelligence on Election Security, U.S. Department of Homeland Security (October 7, 2016).
- "These Messages Show Julian Assange Talked About Seeking Hacked Files From Guccifer 2.0".
Less than an hour after WikiLeaks's last message ... Guccifer 2.0 tweeted that it had handed those documents over.
- Ewing, Philip; Johnson, Carrie (July 13, 2018). "Justice Department Charges Russian Cyberspies With Attack On 2016 Election". National Public Radio. Retrieved July 13, 2018.
- Sommerfeldt, Chris (July 14, 2018). "Twitter finally suspends Guccifer 2.0 and DCLeaks in light of Mueller indicting 12 Russian agents who used the accounts". San Diego Tribune. Retrieved July 15, 2018.
- Nakashima, Ellen (June 15, 2016). "'Guccifer 2.0' claims credit for DNC hack". Washington Post. Retrieved July 25, 2016.
- Mackey, Robert (July 26, 2016). "If Russian Intelligence Did Hack the DNC, the NSA Would Know, Snowden Says". The Intercept. Retrieved July 27, 2016.
- Winter, Tom (September 13, 2016). "'Guccifer 2.0' releases more DNC docs, including Tim Kaine's cell number". NBCNews.com. Retrieved September 23, 2016.
- Lily Hay Newman, Even a Fake Clinton Foundation Hack and Can Do Serious Damage, Wired (October 7, 2016).
- Borger, Gloria; Korade, Matt. "Trump associate plays down Twitter contact with Guccifer 2.0". CNN.
- Guccifer 2.0 (January 12, 2017). "Here I am Again, My Friends!". WordPress.
- Post), Steven Rich (Washington. "Netyksho Et Al Indictment". www.documentcloud.org.
- Nakashima, Ellen (June 15, 2016). "'Guccifer 2.0' claims credit for DNC hack". The Washington Post. Retrieved March 14, 2018.
- Bump, Philip (July 13, 2018). "Timeline: How Russian agents allegedly hacked the DNC and Clinton's campaign". The Washington Post. Retrieved July 15, 2018.
- Biddle, Sam; Bluestone, Gabrielle (June 15, 2016). "This Looks Like the DNC's Hacked Trump Oppo File". Gawker. Retrieved July 15, 2018.
- Guccifer 2.0. "Trumpocalypse and other DNC plans for July". WordPress. Archived from the original on July 6, 2016. Retrieved March 14, 2016 – via Internet Archive.
- Uchill, Joe (July 13, 2016). "Guccifer 2.0 releases new DNC docs". The Hill. Retrieved March 14, 2018.
- Poulsen, Kevin (April 18, 2019). "Mueller Report: Assange Smeared Seth Rich to Cover for Russians". The Daily Beast. Retrieved April 22, 2019.
- Uchill, Joe (July 18, 2016). "New Guccifer 2.0 dump highlights 'wobbly Dems' on Iran deal". The Hill. Retrieved July 27, 2016.
- Goodman, Ryan (September 28, 2017). "How Roger Stone Interacted with Russia's Guccifer and WikiLeaks". Newsweek. Retrieved March 15, 2018.
- Blake, Andrew (March 10, 2017). "Roger Stone, Trump confidant, acknowledges 'innocuous' Twitter conversation with DNC hackers". The Washington Times. Retrieved March 15, 2018.
- Collier, Kevin (April 5, 2018). "These Messages Show Julian Assange Talked About Seeking Hacked Files From Guccifer 2.0". Buzzfeed News. Retrieved April 6, 2018.
- Loffredo, Nicholas (August 13, 2016). "'Guccifer 2.0' Suspended From Twitter After Latest Hack of Democrats". Newsweek. Retrieved July 15, 2018.
- Bastone, William (March 8, 2017). "Roger Stone's Russian Hacking "Hero"". The Smoking Gun. Retrieved July 14, 2018.
- Sweet, Lynn (June 7, 2017). "Illinois' chapter in the Russian hacking saga". Chicago Sun Times. Retrieved April 23, 2019.
- Sweet, Lynn (April 18, 2019). "Mueller report confirms Russians 'compromised' Illinois State Board of Elections". Chicago Sun Times. Retrieved April 23, 2019.
- Stone, Roger (August 16, 2016). "Can the 2016 election be rigged? You bet". The Hill. Retrieved July 13, 2018.
- Helderman, Rosalind S.; Roig-Franzia, Manuel (July 13, 2018). "Charges against Russian intelligence officers intensify spotlight on Trump adviser Roger Stone". The Washington Post. Retrieved July 13, 2018.
- Gallagher, Sean (May 25, 2017). "Florida GOP consultant admits he worked with "Guccifer 2.0", analyzing hacked data". Ars Technica. Retrieved July 15, 2018.
- Glaser, April (July 13, 2018). "What the Latest Mueller Indictment Reveals About Guccifer 2.0". Slate. Retrieved April 22, 2019.
- Uchill, Joe (August 31, 2016). "Guccifer 2.0 leaks docs from 'Pelosi's PC'". The Hill. Retrieved March 15, 2018.
- Guccifer 2.0 (August 31, 2016). "DCCC Docs from Pelosi's PC". Archived from the original on August 31, 2016. Retrieved March 15, 2018 – via Internet Archive.
- Skiba, Katherine; Heinzmann, David; Lighty, Todd (July 13, 2017). "Peter W. Smith, GOP operative who sought Clinton's emails from Russian hackers, committed suicide, records show". Chicago Tribune. Retrieved March 15, 2018.
- Bertrand, Natasha (October 16, 2017). "Mueller has interviewed the cybersecurity expert who said he was 'recruited to collude with the Russians'". Business Insider.
- Schreckinger, Ben (July 11, 2017). "GOP Researcher Who Sought Clinton Emails Had Alt-Right Help". Politico. Retrieved August 13, 2018.
- Mayer, Jane (October 1, 2018). "How Russia Helped Swing the Election for Trump". NewYorker.com. Retrieved September 24, 2018.
- "Joint Statement from the Department Of Homeland Security and Office of the Director of National Intelligence on Election Security". Department of Homeland Security. October 7, 2016. Retrieved April 10, 2017.
- Nakashima, Ellen. "U.S. government officially accuses Russia of hacking campaign to interfere with elections". The Washington Post. Retrieved October 7, 2016.
- Guccifer2 (January 12, 2017). "Here I am Again, My Friends!". Guccifer 2.0. Retrieved July 15, 2018.
- Raju, Manu; Schleifer, Theodore; Killough, Ashley (March 14, 2017). "Justice department asks for more time to collect evidence on Trump wiretap claims". CNN. Retrieved March 19, 2018.
- Poulsen, Kevin; Ackerman, Spencer (March 22, 2018). "EXCLUSIVE: 'Lone DNC Hacker' Guccifer 2.0 Slipped Up and Revealed He Was a Russian Intelligence Officer". The Daily Beast. Retrieved March 23, 2018.
- Hsu, Spencer S.; Barrett, Devlin (August 10, 2018). "Judge holds Roger Stone associate in contempt for refusing to testify in Russia investigation". The Washington Post. Retrieved August 10, 2018.