For new visitors to this site, please check the summary report from December 2019 as this provides the most comprehensive coverage of significant digital forensics discoveries made over the past four years and provides links to all of the original studies as well as links to verifiable evidence.
I've just realised that there was an article I wrote in 2019 that I didn't include in updates and it's probably worth bringing attention to.
The only time I ever saw the US Department of Justice acknowledge any of the countervailing evidence (relating to Guccifer 2.0) that I've reported on over the past few years is when they were challenged with one piece in the Stone case.
This involved a prosecutor within the department wrongly portraying an Eastern timezone indicator as relating to the timezone of alleged victims when it really relates to archival activity of Guccifer 2.0 in September 2016 (occurring at least a month after the files were acquired).
August 15, 2020
The timeline has been updated to include discoveries made since 2017 and to include things such as the Mueller report and the FBI's Stone arrest warrant published earlier this year.
July 2, 2020
If there's anything significant I've missed or any mistakes that need addressing please email me and let me know.
May 22, 2020
My latest article has just been published at Consortium News.
I argue that Guccifer 2.0 seemed to have an agenda to associate WikiLeaks with Russia and, because of this, it's fair to question Guccifer 2.0's intentions with regard to his effort to get an archive to WikiLeaks and to have them confirm receipt over insecure channels.
May 11, 2020
I have finally received an answer to a question I asked three years ago.
We've learned that CrowdStrike never had evidence of the DNC emails being exfiltrated, that CrowdStrike's efforts at the DNC didn't seem to prevent hacking or involve monitoring of network activity and that the APT29 malware CrowdStrike discovered doesn't appear to have been the malware that the FBI were looking for in 2015.
I was going to write an article but others already have covered some of the latest revelations:
Bombshell: Crowdstrike admits 'no evidence' Russia stole emails from DNC server (Pushback with Aaron Maté)
Final Nail In RussiaGate Coffin: CrowdStrike Admits "No Evidence" (Jimmy Dore Show)
Despite all of this, I'm not celebrating. That would be silly.
The Mueller report suggests that hackers accessed the DNC's Exchange server in, on or around May 25, 2016 to June 1, 2016 and that they did so via one of their US servers.
If that information didn't come from CrowdStrike then where did it come from?
We shouldn't be too hasty to disregard the likelihood of evidence existing from other sources. If nothing else, I at least expect the DOJ and FBI to have some evidence to support the above assertion.
I'm just grateful my question got answered eventually.
April 30, 2020
I recently became aware of some Twitter DMs (direct messages) featuring Guccifer 2.0 that I had missed, these have been added to the archive and corpus.
The corpus has also been updated to add information from the Roger Stone arrest warrant application that was made public on April 29, 2020.
April 16, 2020
To help reduce the chances of anyone fabricating evidence and corrupting the record, I've recorded MD5 and SHA-1 hashes of all of the files referenced in my previous article about Guccifer 2.0.
I have also updated my article about NBC News getting out of their depth and publishing fake news. (NBC's author, editors and source are all evading accountability, seem to be completely incapable of substantiating their claims and, despite making claims about "proof", refuse to respond when they are challenged to produce it.):
There will be a new article coming out soon regarding Guccifer 2.0's dishonesty in relation to WikiLeaks, the fact that he might not have been the source for the DNC's emails (based on the size of the archive sent) and that, due to what we already know about the persona, it seems Guccifer 2.0 sought to harm the reputation of WikiLeaks.
February 24, 2020
There have been some good articles published recently over at AMGreatness by author Michael Thau relating to RussiaGate and Guccifer 2.0. His latest does an excellent job of shining a light on the absurdity of Guccifer 2.0, what the persona's efforts achieved with regards to creating a pseudo-Russian connection to WikiLeaks and questions CrowdStrike's activities at the DNC in 2016.
December 24, 2019
A few days ago I published an article that demonstrates skepticism of the attribution of Guccifer 2.0 to the GRU is justified by verifiable evidence and that no conspiracy theories are needed.
Some of Guccifer 2.0's Russian breadcrumbs were created through deliberate processes and some of the evidence providing Russian signals seems contrived.
When digging beyond the Russian breadcrumbs scattered on the surface, there are conflicts that point to other locales (eg. US).
Regarding timezone indicia, we have found more unique types of timezone indication that point to US timezones than Russian.
November 13, 2019
A couple of weeks ago I posted an article about the DNC's emails, highlighting the fact that the Special Counsel seem to have missed out the activity that occurred on May 23, 2016.
Regarding the article in my last update (concerning NBC's publication of fake news), I did reach out to a number of NBC News executives asking them to provide evidence to support the claims that they have published and asked why they didn't bother to confirm Campbell's claims with primary sources such as myself or Bill Binney.
It's been over a month and I've heard nothing back from them.
It's fair to assume that they cannot substantiate all of the claims they've made.
I really wish the mainstream press would verify what they publish and show some regard for journalistic integrity.
October 6, 2019
On October 3, 2019, NBC published an article by Ben Collins that featured a false conspiracy theory origin story.
It also incorporated debunked smears against myself from Duncan Campbell.
As a result of this, I have now debunked NBC and numerous other mainstream media outlets that ran with the same story.
September 23, 2019
Been a while since the last update.
I'm currently working on an article covering all available countervailing evidence related to Guccifer 2.0 in aggregate. I'm hoping to have it ready for publication before the end of the year.
I said something in my previous update that I needed to follow up on, so, here's the update on where we are with the ridiculous Campbell/ComputerWeekly smears and conspiracy theory nonsense:
June 8, 2019
At the end of July 2018, Duncan Campbell wrote a hit piece defaming several people (though primarily targeting myself). He promoted a conspiracy theory (that was soon debunked) and came up with a technical theory supposed to support a premise that Guccifer 2.0 had tampered with timestamps in the NGP-VAN archive.
Yesterday, scrutiny of Campbell's tampering theory was published:
I will soon publish a brief recap on the situation with ComputerWeekly, highlighting how their hit-piece has disintegrated over the past year.
I'm also preparing to release further evidence relating to journalistic malpractice. I don't want to release it but, if necessary, I will. The final decision on this will be made on August 1, 2019.
June 1, 2019
Forensicator published a new article on April 22 (just after my last update here) that looked at Guccifer 2.0's files showing that some seem to have been acquired even before the GRU-attributed activities reportedly occurred:
On April 29, Forensicator published another article revealing more evidence that suggests Guccifer 2.0 was deliberately planting both Russian and Romanian indicators in documents he had released:
My article about the Special Counsel report was published on May 6.
It covers various troubling omissions, conflicts & problems with volume 1, part 3 of the report (the part primarily relating to Russian hacking allegations and the Guccifer 2.0 persona):
On May 27, Forensicator published another article, this time revisiting the "HRC_pass.zip" with a surprising finding: it's likely that a USB device was used around the same time as US timezone settings were recorded being in effect just prior to the archive being constructed (this time, in the central timezone and within a week of Guccifer 2.0 appearing):
April 22, 2019
I've added some items to the timeline regarding Guccifer 2.0 and DCLeaks.
Although not directly related to Guccifer 2.0, Forensicator recently published a highly detailed analysis of the leaked DNC emails that WikiLeaks released in 2016 that is worth checking out:
I'm currently working on article about the Mueller report but this will probably not be ready for a couple of weeks due to my current workload elsewhere.
Following this, I'll have a very brief recap on "ComputerWeekly's Fake News Fiasco" (detailing what has happened since the hit-piece was published, outlining the new evidence and explaining what my plans are to get this situation resolved).
March 16, 2019
Here's a brief update on all of Guccifer 2.0's indications of activity in US timezones that have been discovered by independent analysts/researchers during the past two years:
Finally, a slightly off-topic "heads up" for those of you who have followed recent reporting on the DNC emails: Expect to see further details enter the public domain in the not-too-distant future.
March 3, 2019Last year, while distracted by having to deal with smears, lies and conspiracy theories, two things emerged in the public domain in relation to Guccifer 2.0 that, due to the commotion, I unfortunately missed.
One of these was evidence that further supported the premise of Guccifer 2.0 being active in the central (US) time zone (bringing us to 4 or 5 examples of indications in that timezone now depending on whether you count Twitter and WordPress activity separately).
The discovery (originally revealed by a third party researcher/analyst in August 2018) was recently covered in a blog post by Forensicator:
In addition to this, a study carried out last year on a corpus of Guccifer 2.0's text has apparently provided a strong indication that the persona was likely to be Russian in origin (through analyzing lexical errors with the aid of Google Translate).
In conjunction with other observations, this would seem to suggest that Guccifer 2.0 (or at least one of those behind the persona) may have been a Russian who had substantial capacity to speak English (based on his lack of struggling with syntax where Russians would typically struggle) but that struggled with correct translations for certain terms.