In the latest complication for the “Russiagate” scandal, a new analysis has suggested that files and email stolen from the Democratic National Committee (DNC) were copied to a USB drive by someone with physical access to a computer that had DNC server access, indicating that the committee’s records were not hacked remotely by foreign actors, as has been alleged.
The DNC’s stolen files were published by the hacker “Guccifer 2.0,” whose name is an homage to the Romanian hacker Guccifer, who gained notoriety for hacking the Bush and Rockefeller families among other U.S. government officials.
Guccifer 2.0, despite professing that he is a Romanian and affiliated with no government, was cited as an agent of Russian military intelligence by the private cyber security firm Crowdstrike, which was hired by the DNC to investigate the hack.
However, an independent investigator working under the pseudonym “The Forensicator” has released a new analysis of the metadata found in the files published by Guccifer 2.0.
The analysis shows that the files, published as a .7z archive file, were transferred from the server at a speed of 23 MB/second, leading the investigator to conclude that it was “unlikely that this initial data transfer could have been done remotely over the Internet.”
The investigator also found that the copying of the files from the DNC servers took place either over a local high-speed network (LAN) or by someone who had physical access to the computer where the data was stored.