A jailed Russian hacker who claims he was ordered by Russian intelligence to hack into Democratic National Committee (DNC) networks says he can prove he was behind the breach.
Konstantin Kozlovsky, who has been jailed on cyber fraud charges in Russia, told independent Russian network TV Rain in a recent interview that he left a file on the DNC network containing markers to prove he had been there.
Specifically, Kozlovsky said he left a .dat file on the DNC’s internal server containing his passport number and the number of his visa to the Caribbean island of St. Martin, according to a written interview published Wednesday.
Kozlovsky is among a group of hackers arrested by Russian authorities last year for using malware to steal more than $25 million from Russian banks. Earlier this year, Kozlovsky posted purported court testimony on Facebook that showed him claiming he hacked the DNC on the orders of Russia’s Federal Security Service, or FSB.
Kozlovsky’s claims, if proven, would undercut Russian President Vladimir Putin’s repeated denials that the Kremlin was behind the hacking campaign targeting the 2016 U.S. election.
The unclassified assessment released by the U.S. intelligence community in January blamed Russian intelligence for hacking into DNC networks as part of an influence campaign ordered at the highest levels of the Kremlin.
“In July 2015, Russian intelligence gained access to Democratic National Committee (DNC) networks and maintained access until at least June 2016,” the document states.
The assessment does not make specific mention of the FSB but does say Moscow’s foreign military intelligence agency, or GRU, “probably began cyber operations aimed at the US election by March 2016.”
“We assess that the GRU operations resulted in the compromise of the personal e-mail accounts of Democratic Party officials and political figures,” the assessment states. “By May, the GRU had exfiltrated large volumes of data from the DNC.”
In June 2016, CrowdStrike, an independent cybersecurity firm hired by the DNC, identified two separate Russian intelligence-affiliated infiltrations of DNC networks.
The firm identified one intrusion beginning in summer 2015 linked to Cozy Bear, a hacking group believed to be affiliated with the FSB. CrowdStrike linked the second breach, which occurred in April 2016, to Fancy Bear, believed to be connected to the GRU.
In the latest interview, Kozlovsky also claimed he wrote malware for the FSB for several years, including the code used in the “WannaCry” ransomware attacks for which the U.S. government has publicly blamed North Korea.
Kozlovsky claimed that FSB agent Major Gen. Dmitry Dokuchayev gave him orders to breach the DNC. Dokuchayev and three others were arrested on charges of treason in Moscow in late 2016. Dokuchayev is also among several FSB officers wanted by the Justice Department in connection with the 2014 Yahoo breach.