An 11-count federal indictment filed against 12 Russian military intelligence officers alleges that the group used cryptocurrency to remain anonymous in a scheme against the Democratic National Committee and Hillary Clinton’s presidential campaign in 2016. They are accused of using these digital coins to pay for the website used to release and publicize stolen election-related documents, keeping their true identities hidden.
A month before releasing the stolen documents, the group registered the dcleaks.com domain and leased a virtual private server through an online cryptocurrency service, according to the indictment. After that, they registered an URL-shortening account that was used to “spear phish” the Clinton campaign chairman and “other campaign-related individuals.”
From the time of the site’s launch until the end of the election, the group released emails stolen from the Clinton campaign and affiliated individuals, along with documents obtained through previous spear-phishing operations. The site claimed that it was run by “American hactivists” and received more than 1 million page views before it was shut down in March 2017.
At its core, cryptocurrency was designed to keep users anonymous … at least, in theory. In the case of Bitcoin, you can send and receive digital currency without supplying personal information, but you’re seemingly doing so under what could be deemed a pseudonym. The address (wallet) where you send and receive digital currency remains in a public ledger, so if that address is ever linked to your real name, any type of anonymity is flushed down the toilet.
According to the indictment filed by the Department of Justice, all 12 accused are members of the Main Intelligence Directorate of the General Staff, or GRU, that’s part of the Russian military. They are charged with hacking into the computer networks of the Clinton campaign, the Democratic Congressional Campaign Committee, and the Democratic National Committee using the names DCLeaks, Guccifer 2.0, and “another entity.”
The Department of Justice lists all 12 individuals, who were officials in Unit 26165 and Unit 74455 of the Russian government’s Main Intelligence Directorate at the time of the attacks.
For instance, Unit 26165 used spear-phishing campaigns against volunteers and employees of the Clinton campaign to steal usernames and passwords, and hack into other computers to steal emails and documents. The Department of Justice claims Unit 26165 worked with Unit 74455 to release those documents.
Meanwhile, Unit 74455 hacked into the computers of state boards of elections, secretaries of state, and U.S.-based companies that supplied software and other technology related to the administration of elections.
“To avoid detection, defendants used false identities while using a network of computers located around the world, including the United States, paid for with cryptocurrency through mining Bitcoin and other means intended to obscure the origin of the funds,” the Department of Justice states. “This funding structure supported their efforts to buy key accounts, servers, and domains.”
Here are the charges:
- Count 1: criminal conspiracy
- Count 2 – 9: Aggravated identify theft
- Count 10: Conspiracy to launder money via cryptocurrency
- Count 11: Conspiracy to commit an offense against the United States
The FBI’s cyber teams in Pittsburgh, Philadelphia, and San Francisco helped with the investigation,
