Did Guccifer 2.0 Fake “Russian Fingerprints?”

beureugek (38)in #informationwar • 6 years ago

We found errors in this report that have been fixed: Matthew Weaver's title changed to "US Digital Service Member."

The alleged truth "Russian hacking fingerprints" reported by the Crowdstrike virtual company on the DNC server has been under scrutiny recently in recent weeks. If it can be proven that evidence of "Russian Hacking" has been simulated by the creator of Guccifer 2.0, then the crucial structure of the 'Russian Hacking' narrative will unravel. The creation of Guccifer 2.0, and the intent behind its creation, may have a profound effect on the establishment of a real source of DNC leakage.

Adam Carter's G2-Space website has become a repository for documents relating to Guccifer 2.0, which confirms that alleged hackers are artificial intended to associate Russian involvement with DNC leaks. This week Carter reported to Disobedient Media that he was contacted by an individual he believed to be working as a military intelligence agent during the Obama administration, which added to the weight of questions posed by the content of his site.

Disobedient Media previously reported that to date, Crowdstrike is the only entity that has been allowed to access the DNC server. Crowdstrike concluded that the DNC server had been hacked and identified evidence of "Russian hacking" had occurred. The Non-Compliance Media has noted that Crowdstrike is linked to billionaire George Soros through the Atlantic Council. Politico also reported that George Soros gave $ 8 million in funding for Hillary Clinton's campaign through various super-pacs. After Clinton lost the 2016 Presidential election The Wall Street Journal reported Soros had lost nearly $ 1 billion due to a stock rally. That Soros will fund Clinton's campaign with a simultaneous relationship to Crowdstrike raises serious questions about their objectivity.

Speculation about Crowdstrike's objectivity increased after former FBI Director Comey testified that DNC does not allow FBI access to their servers. The Daily Mail writes that US intelligence agencies have relied on CrowdStrike's work without other forensic evidence known to openly link Russia with the attacks. Many have questioned the reliability of a single company that verifies Russian hacking to US intelligence agencies.

Crowdstrike Report entitled: "The Use of Malware Android Bears Luxury in Tracking the Field Artillery Unit"

Crowdstrike was also forced to withdraw some of their recent claims regarding evidence of Russian hacking. On March 23, 2017, the Voice of America (VOA) ran an aggravating section citing the British think tank, The International Institute for Strategic Studies (IISS), which states that CrowdStrike incorrectly uses IISS data as evidence of intrusion. Furthermore, IISS refuses connection to the CrowdStrike report. The Ukrainian Ministry of Defense also claimed that combat and hacking losses never occurred, which meant that Crowdstrike apparently fabricated facts and details in the report completely. The embarrassing Crowdstrike was forced to recall part of the report after speaking with the IISS research association for defense and military analysis. The rower has fueled concerns about Crowdstrike's credibility.

Guccifer 2.0 claimed responsibility for the first leak on June 15 last year. Disobedient Media previously reported on Guccifer 2.0's personal message with actress Robyn Young. Personal messages show sharp contradictions with Guccifer2.0's initial claim that they have hacked the DNC, as they call Seth Rich their 'source'. Our previous coverage of this conversation supports the conclusion that Rich may be the original leik of DNC email to Wikileaks, but most likely has nothing to do with Guccifer2.0 or Russian Hacking.

Seth Rich has been a data analyst with DNC and staff before he was killed in July last year. That August, Fox News reported Wikileaks founder, Julian Assange, strongly stated that Seth Rich was the source of the DNC leak. The Washington Post also noted that Wikileaks also offered a $ 20,000 reward for information leading to confidence in Seth Rich's murder. Assange's statement and Wikileaks rewards have been interpreted by many as an indication that Rich is the original source of DNC email.

Crowdstrike's report on the DNC hack also uses the terms "Fancy Bear" and "Cozy Bear." Meanwhile, The Washington Post describes Seth Rich as 'the person who appears in the panda suit.' The social media associated with Rich is also found that is often referenced by pandas. Speculation has evolved that the use of the term Crowdstrike uses bears to describe malware "Russian hacking". Such speculation is inflamed when Andrew Therriault marks Rich's alleged twitter grip on the spelling that seems to ridicule tweet pandas.

The Carter website states that the data found in the DNC file as published by Guccifer 2.0 indicates a misdirection effort, which is apparently intended to discredit leaks with leaks blamed on Russian hackers.

Disobedient Media talks with Carter, author of the G2-space site, which describes what he believes has happened about the Guccifer 2.0 DNC data. Carter says that matching RSID in style sheets across all three documents and RSID different from the content indicates that the style sheet appears first, with content added when each document is opened separately.

Carter reports that the contents of the real DNC document are then added in a separate session thirty minutes later using a copy of the word registered with the Russian name (writing it as the last modified by that name). In this way, Carter notes that he believes that the entire Russian footprint that is in the file is strange and "obviously not just from handling original documents." In other words, Carter feels that the documents have been copied using pre-existing Russian templates. to create a fake look of Russian hacking on the original data.

Wikileaks has been referring Carter's website via twitter in April:
Screen-Shot-2017-05-27-at-10.03.53-PM.png

Carter notes that if a separate document that has a special "Russian fingerprint" is inadvertently added while being handled then they will all have a different RSID. He said that the only way to what we observed had happened was for all three files that had been based on a pre-polluted template. Carter expressed a similar view via twitte r, in which he said that he believed the evidence showed that efforts were made to frame Russia for DNC leaks. Carter mentioned that he believes the whole process has left two separate layers of 'Russian hacking fingerprint' which he believes to be a deliberate misdirection effort.

Disobedient Media spoke to Rob Colbert to better evaluate Carter's report. Colbert is a CTO / Platform Architect in Disobedient Media. He told us that the data and explanations given by Carter were factually accurate and reproducible. He added that the data did not prove causation at this point, and did not seem to prove its intent. Rob does not see evidence of intent in the sense of "smoking guns" in the data available today, but confirms to the authors that the data presented by Carter so far seems to be accurate.

Carter also stated via Twitter:
Screen-Shot-2017-05-28-at-6.21.38-PM.png

Carter also revealed to Disobedient Media that he has been contacted by an individual who appears to have worked for the US Digital Service under the Obama administration. The email to Carter seems to be trying to get a potentially discredited response from Julian Assange, Kim Dot Com, and Seth Rich's investigation. Carter publishes screenshots of emails he receives on his website, as well as resumes linked to the email address that contacts him. Matthew Weaver appears to be the one who contacted Carter. This indicates that the former USDS member is trying to contact Carter. This interest in Carter's work adds to the speculation surrounding the DNC leak since Guccifer 2.0 announced its version of their publication.