
Who hacked the DNC last summer? Alternative theories emerge...

UNCjigga

Lifer
First off, this is NOT a Seth Rich conspiracy thread. Please do not rehash any of the old conspiracies around Seth Rich leaking to Wikileaks...we've already had plenty of threads about that and the lead investigator himself has backed off that theory.

But what if it was an internal DNC leak, and NOT a Russian hack orchestrated by the Kremlin and perpetrated by "Guccifer 2.0"/Fancy Bear as concluded by US-led intelligence agencies? A new theory has been making the rounds this week--and not exclusively on Alt Right websites. While we've been distracted by North Korea and Charlottesville, The Nation published this piece that details a new report by former US intelligence officials, claiming the DNC hack was more likely an inside job vs. state-sanctioned hack. These officials don't have access to any of the classified data, but were able to come to this conclusion using the publicly available 'evidence' related to the hack/leak.

The author of the Nation article is a former Salon.com writer and not some alt-right troll--even Salon.com picked up on the report and is highlighting how the media may be ignoring it for now.

But before anyone concludes "ZOMG! DNC hack was an inside job!" take it all with a grain of salt. The New York Times is reporting today that the Ukrainian black-hat developer of a malware tool, believed to be instrumental to the Russian hack, is now turning himself in and will be a witness for the FBI. Not clear to me whether this "Profexer" will corroborate the Russia/Fancy Bear theory or not.

Suffice it to say, there's still a LOT of unknowns about who perpetrated the DNC hack/leak or how it was done--and investigators may still be searching for definitive answers. There still seems to be plenty of other evidence that Russians were meddling in the election (hacking state voter rolls for example) or seeking ways to support the Trump campaign. But I wonder if the Nation story and VIPS report provide the excuse Trump needs to shut down Mueller's investigation?
 
Suffice it to say, there's still a LOT of unknowns about who perpetrated the DNC hack/leak or how it was done--and investigators may still be searching for definitive answers

So, you're going on a snipe hunt?

DNC servers were infected by both Fancy Bear & Cozy Bear malware which is extremely sophisticated State level hacking according to the experts who also attribute them to Russian actors. They're also the same exploits used in attempts to penetrate the State Dept, voter databases & so forth.

Entertaining notions to the contrary is ridiculous.

https://www.crowdstrike.com/blog/bears-midst-intrusion-democratic-national-committee/
 
Hmm, this article has been mentioned before and it's total bullshit.

From reading it again two things pop out immediately:

1) The central claims come from an anonymous guy who says he has mysterious access to files that nobody else does and he's used them to make this conclusion but won't share those files with anyone else so they can verify his claims. An anonymous person making conclusions about data nobody can see is not a credible source.

2) A bunch of the claims seem comically inept. For example the article claims that the data transfer took place at 22.7MB per second, a speed it says was impossible to achieve in mid-2016. Is that a joke? I'm willing to bet a bunch of people on this forum alone had internet connections in mid-2016 that were capable of this speed. A large organization like the DNC probably had a connection that could handle speeds much, much faster than that. (as would people associated with Russian intelligence)

The Nation and Glenn Greenwald have gone insane on the whole Russia thing and seem unwilling to admit they were wrong in their previous attacks on people who said Russia was behind it.
 
Did you read through the full report?

There was no hack of the Democratic National Committee’s system on July 5 last year—not by the Russians, not by anyone else. Hard science now demonstrates it was a leak—a download executed locally with a memory key or a similarly portable data-storage device. In short, it was an inside job by someone with access to the DNC’s system. This casts serious doubt on the initial “hack,” as alleged, that led to the very consequential publication of a large store of documents on WikiLeaks last summer.

Forensic investigations of documents made public two weeks prior to the July 5 leak by the person or entity known as Guccifer 2.0 show that they were fraudulent: Before Guccifer posted them they were adulterated by cutting and pasting them into a blank template that had Russian as its default language. Guccifer took responsibility on June 15 for an intrusion the DNC reported on June 14 and professed to be a WikiLeaks source—claims essential to the official narrative implicating Russia in what was soon cast as an extensive hacking operation. To put the point simply, forensic science now devastates this narrative.
 
Did you read through the full report?

Hard science most definitely does not show it was a leak as their evidence for that is...well... obviously wrong on its face.

I am seriously baffled how anyone could think a transfer speed of 22MB/sec was impossible in mid-2016.
 
I would've thought they had other evidence as to why 22MB/sec wasn't otherwise possible, i.e. port speed of the dedicated Internet circuit the DNC server was connected to, for example (would need a minimum of 200mbps to achieve that throughput?) That said, your standard Fios connection available in DC and NoVA could certainly handle that, let alone a dedicated circuit that businesses might use.
 
Hard science most definitely does not show it was a leak as their evidence for that is...well... obviously wrong on its face.

I am seriously baffled how anyone could think a transfer speed of 22MB/sec was impossible in mid-2016.
I was getting > 22 MB/sec downloading games from Steam in my apartment in 2016. 2015 even.
 
So, you're going on a snipe hunt?
DNC servers were infected by both Fancy Bear & Cozy Bear malware which is extremely sophisticated State level hacking according to the experts who also attribute them to Russian actors. They're also the same exploits used in attempts to penetrate the State Dept, voter databases & so forth.
Entertaining notions to the contrary is ridiculous.
https://www.crowdstrike.com/blog/bears-midst-intrusion-democratic-national-committee/

These tools are available for use at any point in time. Don't be so daft that you think someone in the DNC couldn't fall for a spearphish email. That's ludicrous.
 
First off, this is NOT a Seth Rich conspiracy thread. Please do not rehash any of the old conspiracies around Seth Rich leaking to Wikileaks...we've already had plenty of threads about that and the lead investigator himself has backed off that theory.

You may not have intended this to be a Seth Rich conspiracy thread, but you linked an article which says this was an inside job at the DNC. And the article's author said elsewhere that he believes Seth Rich was behind it. This is the same Seth Rich conspiracy theory, now with a bunch of questionably sourced, and frankly wrong, content from so-called experts, whoever they are.

https://www.washingtonpost.com/blog...n-russian-hack-of-dnc/?utm_term=.8a69dfaf06c5

I'm afraid the Nation has been conned, and has badly blundered here. What an embarrassment.
 
Hard science most definitely does not show it was a leak as their evidence for that is...well... obviously wrong on its face.

I am seriously baffled how anyone could think a transfer speed of 22MB/sec was impossible in mid-2016.
They are saying that speed is impossible as a convoluted path through a virtual private network to a Russian or Rumanian server. Having an Internet connection that fast is a far cry from being able to download something routed through cut-outs and VPNs from the other side of the world. I have no idea whether that speed was possible then - or now - but simply claiming they are wrong because of Internet access speeds is disingenuous. Being able to definitively say they are right or wrong would require some serious knowledge of the DNC server and the routing supposedly taken, but hopefully everyone understands that if one has a 50 MB/s Internet access, that doesn't necessarily mean one can get 50 MBs of data per second across the Internet, much less if one is routing through cut-outs and an anonymous router.

In my opinion no one can say for sure since the FBI wasn't allowed to examine the server in question; they only have the word of the DNC and its agent that the server was infected at all. And one really good reason to not put a lot of credence on this report is that, like the FBI report, it's based on no forensic evidence whatsoever. We have far too many people making educated guesses about what did or did not happen based on partial information - including the FBI and our "seventeen intelligence agencies". The "Russianified" documents may have been altered by the Democrats to bolster their anti-Russian case, or Wasserman-Schultz' Pakistani IT guy to throw off investigators, or by the wiki folks to protect a source, or by some other agent for some reason unknown to us. No one knows, which means that . . . no one knows. Nothing more, nothing less.
 
Well this would be 22 upstream, which most consumer connections don't have. It's well within normal for a commercial connection though.

Any so-called "expert" would know this straight off. I read the entire article before reading your post, and the first thing that occurred to me was that this didn't seem right. I can get 7-8 mb (peak) downstream on my PC. I'd be surprised if large enterprises don't get at least 3x that.

The article's author is a Seth Rich conspiracy theorist. Move right along. There's nothing to see here.
 
They are saying that speed is impossible as a convoluted path through a virtual private network to a Russian or Rumanian server. Having an Internet connection that fast is a far cry from being able to download something routed through cut-outs and VPNs from the other side of the world. I have no idea whether that speed was possible then - or now - but simply claiming they are wrong because of Internet access speeds is disingenuous. Being able to definitively say they are right or wrong would require some serious knowledge of the DNC server and the routing supposedly taken, but hopefully everyone understands that if one has a 50 MB/s Internet access, that doesn't necessarily mean one can get 50 MBs of data per second across the Internet, much less if one is routing through cut-outs and an anonymous router.

In my opinion no one can say for sure since the FBI wasn't allowed to examine the server in question; they only have the word of the DNC and its agent that the server was infected at all. And one really good reason to not put a lot of credence on this report is that, like the FBI report, it's based on no forensic evidence whatsoever. We have far too many people making educated guesses about what did or did not happen based on partial information - including the FBI and our "seventeen intelligence agencies". The "Russianified" documents may have been altered by the Democrats to bolster their anti-Russian case, or Wasserman-Schultz' Pakistani IT guy to throw off investigators, or by the wiki folks to protect a source, or by some other agent for some reason unknown to us. No one knows, which means that . . . no one knows. Nothing more, nothing less.

The article has no credibility on this point, because it says, unequivocally, "no Internet service provider, such as a hacker would have had to use in mid-2016, was capable of downloading data at this speed." That statement is clearly false. Which says something about the honesty of the article itself. If they wanted to say that such speeds were possible in theory, but difficult in practice for a variety of reasons, then that's what they should have said. This article was supposed to have been sourced by experts. No expert would make this kind of mistake.
 
So, you're going on a snipe hunt?

DNC servers were infected by both Fancy Bear & Cozy Bear malware which is extremely sophisticated State level hacking according to the experts who also attribute them to Russian actors. They're also the same exploits used in attempts to penetrate the State Dept, voter databases & so forth.

Entertaining notions to the contrary is ridiculous.

https://www.crowdstrike.com/blog/bears-midst-intrusion-democratic-national-committee/
From your link:
Hultquist said the date that Forensicator believes that the files were downloaded, based on the metadata, is almost definitely not the date the files were removed from the DNC.

That date, July 5, 2016, was far later than the April dates when the DNC hackers registered “electionleaks.com” and “DCLeaks.com.” Hultquist noted that the DNC hackers likely had stolen files by the time they began determining their strategy to post them.

The July date is also months after the DNC brought in FireEye competitor CrowdStrike to remove the hackers from their network and well after Crowdstrike first attributed the attack to Russia.

This doesn't shed any additional light on how the files escaped, but it's pretty conclusive proof that this particular theory is flat out wrong. Hard to imagine that someone registered two web sites without already having the data in hand.
 
The article has no credibility on this point, because it says, unequivocally, "no Internet service provider, such as a hacker would have had to use in mid-2016, was capable of downloading data at this speed." That statement is clearly false. Which says something about the honesty of the article itself. If they wanted to say that such speeds were possible in theory, but difficult in practice for a variety of reasons, then that's what they should have said. This article was supposed to have been sourced by experts. No expert would make this kind of mistake.
Have you read the original article? All I've read is mainstream journalism stories about it, and the media make these kinds of gross simplification errors all the time.

Doesn't really matter; as I posted above, Jhhnn's link (even though it's a blog from Crowdstrike, who are hardly a disinterested party here) has reasoning that shows this theory is almost certainly wrong. I have a difficult time imagining that hackers would register sites proclaiming the data without already having them in hand; that's enough to make this theory uninteresting to me.
 
It's quite amazing that this whole thing is based on the notion that the information was hacked out of DNC servers all at once, in one big download like a smash and grab operation. There's no reason to believe that at all given what Crowdstrike, the first responders, told us-

At DNC, COZY BEAR intrusion has been identified going back to summer of 2015, while FANCY BEAR separately breached the network in April 2016.

The notion that they'd save it all up for one big download on Jun 5, 2016, is completely ludicrous.
 
Someone please summarize: is this alternative theory like an alternative truth?

Some computer "experts" say that about 2 gigs of data was downloaded from the DNC server on July 5, 2016, that the download took 87 seconds, which suggests a transfer rate of 22.7 mb/sec, and that this couldn't have been done over the internet and had to be a download to an external drive, i.e. an inside job.
 
Some computer "experts" say that about 2 gigs of data was downloaded from the DNC server on July 5, 2016, that the download took 87 seconds, which suggests a transfer rate of 22.7 mb/sec, and that this couldn't have been done over the internet and had to be a download to an external drive, i.e. an inside job.

I see,
How does that change anything? Russia still had the info, manipulated Wikileaks and possibly gave info to Trump's people.
 
Any so-called "expert" would know this straight off. I read the entire article before reading your post, and the first thing that occurred to me was that this didn't seem right. I can get 7-8 mb (peak) downstream on my PC. I'd be surprised if large enterprises don't get at least 3x that.

The article's author is a Seth Rich conspiracy theorist. Move right along. There's nothing to see here.

The article comes off as silly in that regard. However they are talking about an upstream to somebody in the Russian sphere. Not you downloading from Steam from a CDN most likely within your ISP's network. Big difference.

I have never tried to upload anything to that part of the world. I would imagine via physical travel and multiple hops the theoretical bandwidth takes a giant dump. Thus 22.7MB/sec looks like something local from the machine such as a thumb drive.

This story is rather interesting imo. Because they are using publicly available information and found the document was cut and pasted into a Russian version of Word. I also find it interesting the FBI was never allowed to inspect the compromised servers. Instead we had to rely on the DNC and their hired contractor that is run by a well known anti-Russian. Wikileaks has always claimed it was an inside job. I don't think we will ever get the truth. But at the same time this article brings up questions surrounding the lack of information from which our intelligence agencies made their claims.
 
Some computer "experts" say that about 2 gigs of data was downloaded from the DNC server on July 5, 2016, that the download took 87 seconds, which suggests a transfer rate of 22.7 mb/sec, and that this couldn't have been done over the internet and had to be a download to an external drive, i.e. an inside job.
I see,
How does that change anything? Russia still had the info, manipulated Wikileaks and possibly gave info to Trump's people.

Fanatical meat is correct. I mean, so what? Cozy Bear was in the DNC network for a year & Fancy Bear over a month, plenty of time to have downloaded a shitpile of data camouflaged in the datastream. That's beyond obvious.
 
Fanatical meat is correct. I mean, so what? Cozy Bear was in the DNC network for a year & Fancy Bear over a month, plenty of time to have downloaded a shitpile of data camouflaged in the datastream. That's beyond obvious.

If I was to argue the other side, I would say, how do we know that these were Russian hackers, or that they were even accessing the servers over those time periods. The point of this article is that this download of the information which was released in late July had to have been internal. The implication being, if that part of it is wrong, then so too is everything we think we know.

I don't believe any of that, obviously.
 
An idea occurs to me: What if the hackers transferred the files from the secure email server to a less secure server like a web server? Then they could download the files at their leisure with less risk of getting caught in the process.
 