Jailed hacker Konstantin Kozlovsky stated last week that he was behind the hack into the Democratic National Committee computers during the 2016 U.S. presidential election campaign, and that he left behind a data signature that can prove it.
In a written interview with independent Russian television channel RAIN, sent from his Moscow jail, Kozlovsky stated that the DNC hacking operation was led by Russia’s internal security service, the FSB. He said he and other hackers worked under the leadership of FSB major Dmitry Dokuchaev, who was arrested for state treason in December 2016 alongside at least one other FSB cyber leader, suspected of transferring information on Russian hackers to U.S. intelligence services. Dokuchaev has denied familiarity with Kozlovsky.
In the RAIN interview, Kozlovsky stated that his relationship with the FSB also extended to the development of the Lurk and WannaCry computer viruses. The Lurk virus stole $50 million (1.2 billion rubles) from Russian bank accounts, and WannaCry paralyzed computer networks worldwide.
Kozlovsky was initially jailed for his part in the Lurk virus hacking group, and is currently awaiting trial in Matrosskaya Tishina (Sailor’s Silence) jail in Moscow. He came to public attention in early December when news spread about his initial confession to a Russian courtroom last August 15th. Kozlovsky left behind a string of numbers in a hidden .dat file, connected to his Russian passport number and the number for the visa he used to visit St. Martin in the Caribbean. He said he left the digital signature behind as he feared the intelligence agency might turn on him and plant a “poison pill” during the DNC hack.
The DNC did not initially share information with the FBI, but rather hired a cybersecurity firm called CrowdStrike. The firm has said previously that it identified a Russian hand in the cyber attack, but has not yet issued a comment on Kozlovsky’s statement. The DNC did also share a complete digital copy of its servers with the FBI.
The significance behind Kozlovsky’s remarks: if collusion can be proved between the Russian government and the hackers who broke into the DNC, then it undermines Russia’s previous statements that its government had nothing to do with the hack. It also changes the previously dominant narrative of the DNC hack as a closely held, tightly organized FSB campaign directed from central offices. Kozlovsky said that he mainly worked from home with limited knowledge of others, and that the hack into the DNC was part of a larger relationship with top officials at the FSB on viruses directed at Russia’s private sector and other countries.