Putin Starts Talking about Hackers’ Art in Advance of Yevgeniy Nikulin Extradition

Yesterday, Vladimir Putin shifted from the public denials he has made about Russia’s role in the hack of the DNC. Whereas even just days ago, he had denied any involvement, yesterday he suggested Russian hackers might on their own decide to hack Russia’s adversaries out of patriotism.

Asked about suspicions that Russia might try to interfere in the coming elections in Germany, Mr. Putin raised the possibility of attacks on foreign votes by what he portrayed as free-spirited Russian patriots. Hackers, he said, “are like artists” who choose their targets depending how they feel “when they wake up in the morning.” Any such attacks, he added, could not alter the result of elections in Europe, America or elsewhere.

Artists, he said, paint if they wake up feeling in good spirits while hackers respond if “they wake up and read that something is going on in interstate relations” that prompts them to take action. “If they are patriotically minded, they start making their contributions — which are right, from their point of view — to the fight against those who say bad things about Russia,” Mr. Putin added, apparently referring to Hillary Clinton.

Putin’s change, to the extent it is one, may reflect recent events in Prague, where Russian hacker Yevgeniy Nikulin had a hearing on America’s extradition request. As the Guardian describes, the Czechs seem fairly close to approving Nikulin’s extradition to the US.

A 17-page affidavit by [FBI Agent Jeffrey] Miller, seen by the Guardian, outlines the evidence against Nikulin to the Czech court. The affidavit lists some of the aliases Nikulin is alleged to have used, including Chinabig01, Eugene, Uarebeenhacked, John Pattison and itBlackHat.

According to Miller’s affidavit, the FBI evidence is based on “witness interviews including confidential sources, ISP records, court-authorised electronic interceptions, and other sources”. Some of the electronic intercepts were emails from the Gmail account of Alexei Belan, a hacker on the FBI wanted list for allegedly conspiring with Russian FSB agents to perpetrate a huge hack on Yahoo in 2014. Belan is on the FBI’s cyber top 10 most wanted list. None of the raw evidence was provided to the court.

The affidavit relates solely to the hacking of LinkedIn, Dropbox and Formspring in 2012, and does not mention any election hacking.

However, Nikulin wrote in a letter from prison that Miller had interrogated him in Prague on 7 February and raised the election hacking. Excerpts of the letter were provided to the Guardian by Nikulin’s lawyers, but there is no way of substantiating the claims he made.

Nikulin claimed Miller demanded he admit to hacking the DNC servers as part of what the FBI is said to have claimed was a nefarious plot ultimately ordered by Trump, and promised him good treatment in the US if he cooperated. Nikulin wrote that he rejected the offer.

While the focus on the Russian hack has always centered on an alleged phish, in fact the mailboxes sent to Wikileaks better match up with credentials made available via the theft Nikulin is alleged to have carried out; the passwords of most of the people would have been available in barely encrypted format. And the mention of Alexey Belen might tie the Yahoo hack to the DNC hack as well.

Nikulin has been telegraphing his claim the US offered him a cooperation agreement for some time. It doesn’t sound legit — after all, the FBI would be as interested in implicating Russia as Trump. But it may be the best way for him to communicate with the Russian government, including Putin, about what kind of story he might proffer to the FBI.

If so, Putin appears to have gotten the message.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

23 replies
  1. seedeevee says:

    I sure am glad that Putin controls every hacker in the Soviet Union and the Obama has passed control and responsibility to Trump for every hacker in the Free World.

  2. Tom says:

    You quote Putin’s remarks on 1 June ’17, but Putin gave even more provocative answers to Megan Kelly today at the International Economic Conference in St. Petersburg.  Putin’s remarks today concern Russian technical experts’ ability to concoct a false-flag message bearing a spoofed IP address, containing micro-targeted misinformation, and designed to look innocuous enough that it could have been sent by “your three-year-old girl.”

    There’s much more concerning Putin’s remarks both today and yesterday.  I posted responsive diaries on Daily Kos both yesterday and today.  Here’s a link to my posting today:  http://tinyurl.com/ya4c77cb .   Today’s posting has a link to yesterday’s at the beginning.

  3. RickR says:

    Agreed, he got the message. Now he’s passing it on in public. No chance of back channel allegations here.
    Sure bet is that something reflecting this line of thinking will come out of Trump’s mouth or in a tweet soon. He just can’t help it. He’ll see it as a message meant specifically for him that he must acknowledge.

  4. tvor_22 says:

    I’mma use this PUTIN opportunity to spruik my Guccifer2.0 theory number f) that metadata was deliberately made to look deliberate to serve as a blowback shock absorber.

    ‘Blowback shock absorber’ sounds like a term a contractor would use to sell something cyber while also having military hardware type overtones, so I’m going with it.

    • emptywheel says:

      Meaning so Putin could come in and claim it was a false flag? So why make it also appear to be (working from memory) Flood?

      • tvor_22 says:

        Indeed. And why aren’t the IC using this grand unifying blowback absorption theory to explain away those pesky inclusions? Maybe they don’t want to draw attention to them?

        Feds: Hey NSA, what do you know about Evrika and Warren?

        NSA: blank face

        CIA: They’re our assets in…

        All: Oh Shiiiii…GODDAMN YOU PUTIN!

  5. lefty665 says:

    No telling what Nikulin might say once in our custody, he has already alleged an FBI attempt at coercion or bribery.  Putin might be wise to be distancing Russia from him.

    Ray McGovern and Wm. Binney have been suggesting that the DNC hack may have been CIA as part of its anti Trump campaign.  That could explain why Comey never let the FBI get close to the DNC servers. Hard to be sure what they might stumble over. From the tools leaked recently we know CIA had the capability to forge the source of the hack. But as yet we have seen absolutely zero evidence that it was the Russians or that there was collusion with Trump. You’d think the NSA would be able to play back the hack and where the ex-filtrated data went. But we have had no hint of that, and NSA has expressed only “moderate” confidence in Brennan’s hit piece.

     

    • SpaceLifeForm says:

      “That could explain why Comey never let the FBI get close to the DNC servers.”

      Does not compute. It was not Comey. Was DNC.

      My recollection is that DNC *never* called the FBI in the first place. That Comey wanted access but DNC said no. The ‘why’ of this decision is unknown.

      https://www.google.com/amp/thehill.com/policy/national-security/313555-comey-fbi-did-request-access-to-hacked-dnc-servers%3Famp

      The bureau made “multiple requests at different levels,” according to Comey, but ultimately struck an agreement with the DNC that a “highly respected private company” would get access and share what it found with investigators.

      [The third party? CrowdStrike]

      https://www.google.com/amp/thehill.com/policy/national-security/312767-fbi-never-examined-hacked-dnc-servers-report%3Famp

        • SpaceLifeForm says:

          Not disagreeing. Another scenario I have after more thought is stronger than I first wanted to believe. Agree Crowdstrike not trustable.
          And plenty of conflicting reports on what happened, many on 2017-01-05.

          What if, DNC did ask FBI but Comey told them to drop that idea (pretend it never happened), and that he (or someone else in FBI) would ask for access, and then DNC should say no?

          Comey is no dummy. I can think of two different reasons for this scenario. (not going to mention for days due to upcoming events).

          • lefty665 says:

            Interesting, I like simpler explanations rather than more complicated, but sometimes things are not simple. Certainly the IC players were in cahoots with each other (more or less – NSA’s “moderate confidence” in CIA is damning with faint praise when they’re holding the COMINT) and the Dem Administration, and the Admin was driving the DNC. I will be interested in hearing your logic when you’re ready. After Comey’s testimony perhaps?  On that it seems likely the Dems will take his words as coming from the mouth of God, but he is one of the dogs in this fight. A little skepticism seems wise.

  6. SpaceLifeForm says:

    Banks and banks. Follow the money.
    Lots of dots.

    https://www.google.com/amp/s/www.washingtonpost.com/amphtml/politics/explanations-for-kushners-meeting-with-head-of-kremlin-linked-bank-dont-match-up/2017/06/01/dd1bdbb0-460a-11e7-bcde-624ad94170ab_story.html?espv=1

    ST. PETERSBURG, Russia — The White House and a Russian state-owned bank have very different explanations for why the bank’s chief executive and Jared Kushner held a secret meeting during the presidential transition in December.

    A business meeting between an international development bank and a real estate executive, coming as Kushner’s company had been seeking financing for its troubled $1.8 billion purchase of an office building on Fifth Avenue in New York, could raise questions about whether Kushner’s personal financial interests were colliding with his impending role as a public official.

    Flight data reviewed by The Washington Post suggests that the meeting may have taken place on Dec. 13 or 14, about two weeks after Kushner’s encounter with Kislyak.

    According to court documents, Evgeny Buryakov posed as the second-in-command at the bank’s Manhattan office for at least three years while secretly meeting dozens of times with a Russian intelligence officer who tasked him with gathering intelligence on the U.S. economic system.

    Experts on Russia’s security services said that it would have been unlikely for Gorkov to meet with Kushner and not discuss sanctions.

    • lefty665 says:

      Thank you for your observation. My comment was pretty straightforward.

      How did you like Hillary blaming everyone else for her loss while absolving herself?  Now that makes no sense. She seems to have at least misplaced her mind.  ‘Covfefe’ is no better. Hope you’re working on getting the Dems heads out of their elite butts. The country needs a viable alternative.

  7. Bay State Librul says:

    Lefty

    I agree with your Hillary analysis, but it’s time to move on. Trump is such a con man and you seem to seem to align yourself with the Dick.

    • lefty665 says:

      BS Librul, glad to hear you’re working for change, hope it’s not too little too late for the Dems.  Two worst candidates in history, my fear was that one of them would win and it was realized.

  8. Evangelista says:

    WITCH ONE:    “We throw enough shit ino this brew-pot it’ll look like soup at least…”

    WITCH TWO:    “If we insist it is soup, over and over and over again…”

    WITCH THREE:  “How many do you suppose will swallow it?”

    ALL THREE WITCHES:   “HA HA HA!  HO HO HO!  HEE HEE HEE!  We’re talking about Human beings!  American ones, with soup for brains, minds softened to Silly Putty by RF transmission barrages!  Minds sonically softened to imbecile-level capacity for reasoning!  Reduced from intelligent beings to half-wit True Believers!  Fanatical Followers!  Human Lemmings!  They will swallow Anything!  Dust dog-shit with Powdered Sugar and they will fight or the crumbs!  Will they swallow this bullshit Brew?  HA HA HA!  HEE HEE HEE!  HO HO HO!

    Yes, word is out:  Americans have been dumbed to dull by constant barrage of “Bumpa Bumpa Bumpa”.  No more know how to Thinka Thinka Thinka…

    LAVROV:    “Vladimir, do you know the difference between an American and a Yo-yo?”

    PUTIN:     “Is there any?  Americans, I know, just go back and forth on a single string…  Isn’t that the same thing yo-yos do?

    LAVROV:       “I was suspecting that that was the answer…”

    CONSERVATIVE PROFESSOR AT EVERGREEN COLLEGE (in Washington State), SEEING FIRST “MILITANT MINOR” STUDENT:  “Damn, there goes the academic neighborhood!”

    LIBERAL PROFESSOR AT EVERGREEN COLLEGE HEARING CONSERVATIVE PROFESSOR THEN:  “HERE NOW!  NONE OF THAT ‘SUPREMICIST’ TALK!”

    LBERAL PROFESSOR IN 2017:  “Damn, we shared our education system to give them equal opportunity;  they ground our education system down to kindergarten catechisms and slogan-dogmas, and now they want us out!”

    CONSERVATIVE PROFESSOR:  “Told you so.”

    LIBERAL PROFESSOR:  “NOSTRODAMUS!  Now I do believe in Prophesy and Prescience!

    STUDENTS WITH 2017-CALIBER COLLEGE EDUCATION:  “THINKING BEINGS!!  KILL!  KILL!!  KILL!!!

  9. tryggth says:

    During the first iteration, where Putin is claiming they were framed, did he offer a theory which entity would want to both frame Russia and hurt HRC (and/or campaign)?  Running through possible actors under that hyposthesis, three that seem off the table are: 1) HRC supporters, 2) RU aligned entities and 3) RU friendly Trump entities.

  10. Charles says:

    Sorry to offer this comment so late, but I can’t imagine any advantage to Nikulin in signaling his intent to Putin. Putin’s usual response to loose ends is to cut them off.  The wiser course would seem to be to publicly say that the charges are ridiculous and that he won’t say anything.

    • RickR says:

      Maybe not late but early with The Intercept story being released today based on a leaked and confirmed NSA report nailing the Russians for hacking into voting equipment contractors, then in separate reporting we learn the leaker was arrested Saturday.
      Lots of new questions coming up. No wonder Obama’s had a big smile on his face since he left office. He left one hell of a minefield for Trump/Putin/GOP to negotiate. I don’t see sanction relief for Putin any time soon.

Comments are closed.