Russian flag

BREAKING —The US Department of Justice (DOJ) indicted today 12 Russian intelligence agents on hacking charges related to the 2016 US Presidential Election.

According to a copy of the indictment obtained by Bleeping Computer, the 12 accused are part of Unit 26165 and Unit 74455 of the Russian government's Main Intelligence Directorate (GRU), the country's military intelligence service.

Group accused of infamous DNC hack

The DOJ claims the group is responsible for hacking the computer systems of the Democratic Congressional Campaign Committee (DCCC) and the Democratic National Committee (DNC), in 2016, ahead of the US Presidential Election. The group also actively targeted and hacked individual members part of the Clinton Campaign, the DOJ said.

The indictment claims the group used spear-phishing to penetrate DCCC and DNC networks and the email accounts of lone individuals, where they deployed the X-Agent malware that capable of recording keystrokes, stealing files, or taking screenshots. The indictment also mentions the use of the X-Tunnel malware that was used to securely steal data from infected servers and individuals.

Investigators say the group first hacked the DCCC where they compromised an individual who also had credentials for accessing the DNC network, and used those to gain access to DNC servers.

DOJ claim Russian agents were behind Guccifer 2.0 persona

US officials claim the group set up the DCLeaks.com website on which they leaked files they stole from the DCCC, DNC, and from other compromised individuals.

Furthermore, the group also stands accused of creating the Guccifer 2.0 lone-hacker persona through which they tried to claim responsibility for the DNC hack, and through which they released files stolen from the organization.

The group actively tried to hide their identity by claiming they were American hackers (DCLeaks.com operation) or a lone Romanian hacker (Guccifer 2.0) through the use of public Facebook, Twitter, and WordPress.com accounts.

"After public accusations that the Russian government was behind the hacking of DNC and DCCC computers, defendants created the fictitious persona Guccifer 2.0," the DOJ says. "On the evening of June 15, 2016 between 4:19PM and 4:56PM, defendants used their Moscow-based server to search for a series of English words and phrases that later appeared in Guccifer 2.0's first blog post falsely claiming to be a lone Romanian hacker responsible for the hacks in the hopes of undermining the allegations of Russian involvement."

Guccifer 2.0 searches

The accused also used a network of proxies and servers across the globe, for which they paid with cryptocurrency to keep their anonymity.

The DOJ also accused the 12 suspects of conspiring to hack into the computers of state boards of elections, secretaries of state, and US companies that produced software used by states for administering elections.

US officials said the 12 often conversed with US citizens, but investigators said they don't believe the US citizens knew they were speaking with Russian intelligence agents, hence they did not file any charges for the time being. The investigation also didn't find any evidence votes were changed.

Announcement made before key Putin-Trump meeting

The announcement comes just days before President Trump's planned meeting with his Russian counterpart, President Putin, scheduled for Monday, July 16.

At the time of the indictment's announcement, all 12 GRU officers are still at large and believed to be located in Russia.

The names of the accused are Viktor Borisovich Netyksho, Boris Alekseyevich Antonov, Dmitriy Sergeyevich Badin, Ivan Sergeyevich Yermakov, Aleksey Viktorovich Lukashev,  Sergey Aleksandrovich Morgachev, Nikolay Yuryevich Kozachek, Pavel Vyacheslavovich Yershov, Artem Andreyevich Malyshev, Aleksandr Vladimirovich Osadchuk, Aleksey Aleksandrovich Potemkin, and Anatoliy Sergeyevich Kovalev.

Related Articles:

Microsoft Says It Blocked Attempts at Hacking Midterm Campaigns

China's National Cybersecurity Standards Considered a Risk for Foreign Firms

G Suite Can Now Alert You of Government-Backed Attacks

DOD to Move All Websites to HTTPS by the End of the Year

Pentagon Creates 'Do Not Buy' List of Chinese and Russian Software Providers