Jailed Russian says he hacked DNC on Kremlin’s orders and can prove it
Washington — A jailed Russian who says he hacked into the Democratic National Committee computers on the Kremlin’s orders to steal emails released during the 2016 U.S. presidential election campaign now claims he left behind a data signature to prove his assertion.
In an interview with Russia’s RAIN television channel made public Wednesday, Konstantin Kozlovsky provided further details about what he said was a hacking operation led by the Russian intelligence agency known by its initials FSB. Among them, Kozlovsky said he worked with the FSB to develop computer viruses that were first tested on large, unsuspecting Russian companies, such as the oil giant Rosneft, later turning them loose on multinational corporations.
Kozlovsky first came to public attention in early December when word spread about his confession last Aug. 15 in a Russian courtroom that he was the person who hacked into DNC computers on behalf of Russian intelligence. The Russian was jailed earlier this year, alleged to have been part of a hacking group there that stole more than $50 million from Russian bank accounts through what’s called the Lurk computer virus.
The alleged hacker posted to his Facebook page in December a transcript and an audio recording of his confession during a pretrial court hearing. He also confessed online to having hacked investigators looking into the crash of Malaysia Airlines Flight 17, brought down in July 2014 by a missile near the disputed Ukrainian border with Russia.
In written answers from jail made public Wednesday by RAIN TV, a Moscow-based independent TV station that has repeatedly run afoul of the Kremlin, Kozlovsky said he feared his minders might turn on him and planted a “poison pill” during the DNC hack. He placed a string of numbers that are his Russian passport number and the number of his visa to visit the Caribbean island of St. Martin in a hidden .dat file, which is a generic data file.
That allegation is difficult to prove, partly because of the limited universe of people who have seen the details of the hack. The DNC initially did not share information with the FBI, instead hiring a tech firm called CrowdStrike, run by a former FBI cyber leader. That company has said it discovered the Russian hand in the hacking, but had no immediate comment on the claim by Kozlovsky that he planted an identifier.
The newest allegations are potentially significant. If the FSB did in fact direct Kozlovsky, then it debunks Russian President Vladimir Putin’s assertion that his government had nothing to do with hacking that all major U.S. intelligence agencies put at his feet. It also calls into question the view of a hack that was conducted as a closely held, organized FSB campaign directed from central offices. Kozlovsky says he worked largely from home, with limited knowledge of others and that the political hack was just part of larger relationship with the FSB’s top cyber officials on viruses directed at other countries and the private sector.