The Hacker Behind The New Clinton Leaks Denies That He Made Stuff Up

Guccifer 2.0 continues to insist that that the documents released Tuesday came from the servers of the Clinton Foundation in a chat with BuzzFeed News.

SAN FRANCISCO — Despite the many questions raised over new documents allegedly leaked from the servers of Democratic presidential nominee Hillary Clinton, the hacker known as “Guccifer 2.0” continued to insist Tuesday that the documents were real, and that they were a small preview of much more to come.

In a private chat with BuzzFeed News, Guccifer 2.0 wrote that “all files are authentic” and that they came from the Clinton Foundation’s private server. When asked about the widespread speculation that the documents weren't legitimate and a statement by the Clinton Foundation that “none of the folders or files shown are from the Clinton Foundation," Guccifer 2.0 appeared to double down, writing: “is it possible that some ppl r trying to divert attention from my release by spreading false accusations?”

No evidence of a #Guccifer hack at @ClintonFdn, no notification by law enforcement, and none of the files or folders shown are ours.

The hacker first made headlines in June, when an account run under the name "Guccifer 2.0" claimed to be behind the hack of the Democratic National Convention (DNC). At the time, he told Motherboard that he was a lone Romanian hacker, though it appeared he could not speak Romanian nor prove any ties to that country. Cybersecurity experts with the companies investigating the DNC hack have since concluded that the hack was likely carried out by a group dubbed Fancy Bear, a set of hackers that have been tied to the Russian government.

The release of the new documents Tuesday, whether by Guccifer 2.0, Fancy Bear, or any other party, is the most recent in a long-running cyber tit-for-tat that cybersecurity experts said has tried to affect the outcome of next month's US elections.

On Tuesday afternoon, Guccifer 2.0 wrote in a blog post, “So, this is the moment. I hacked the Clinton Foundation server and downloaded hundreds of thousands of docs and donors’ databases.” His announcement came just hours after a Wikileaks press conference which many had thought would announce a cache of damning documents about Democratic presidential nominee Hillary Clinton. Instead, Wikileaks appeared to be celebrating their 10-year anniversary, and announcing a new funding model.

Guccifer 2.0, who tweeted a congratulatory message to Wikileaks Tuesday, told BuzzFeed News he thought it was a “good idea” to release his documents that day, and that this was “just a tiny part of the files,” that would be released in coming weeks.

Yet Guccifer 2.0 refused to answer questions of when the Clinton Foundation servers were hacked, or how the hack was accomplished. Guccifer 2.0 also refused to answer why the documents — which mostly contained donor information — seem to imply some connection between donations to the Clinton Foundation and the receipt of federal funds through the TARP program, which were largely distributed during the administration of George W. Bush. Also left unanswered: why many of the individuals who appear as donors in the documents are not listed as donors in the foundation’s public disclosures.

Some observers speculated that the files came from the Democratic Congressional Campaign Committee (DCCC), which was itself hacked earlier this year. "Given the Russians’ long track record of faking the origin and doctoring the content of documents acquired through cyber attacks, the Committee is working to determine if these were stolen from our network,” Meredith Kelly, DCCC National Press Secretary, told BuzzFeed News.

In previous chats with BuzzFeed News, the Guccifer 2.0 account appeared to type in nearly-fluent English. On Tuesday, however, the account only used short replies — often with emojis — and did so in broken English. While questions have been raised about the legitimacy of previous documents released by Guccifer 2.0, the documents released Tuesday might prove to be the first time the account has obviously released falsified documents.

Skip to footer