Major Leak of Russian Documents Expected Soon
Written by Kevin Poulsen, The Daily Beast
Saturday, 26 January 2019 09:28

Poulsen writes: "Russian oligarchs and Kremlin apparatchiks may find the tables turned on them later this week when a new leak site unleashes a compilation of hundreds of thousands of hacked emails and gigabytes of leaked documents."

Vladimir Putin. (image: Lyne Lucien/The Daily Beast)

The Russian oligarchs and Kremlin apparatchiks spared by WikiLeaks in the past will not be so lucky this week, when transparency activists drop a massive archive of leaked docs.

Russian oligarchs and Kremlin apparatchiks may find the tables turned on them later this week when a new leak site unleashes a compilation of hundreds of thousands of hacked emails and gigabytes of leaked documents. Think of it as WikiLeaks, but without Julian Assange’s aversion to posting Russian secrets.

The site, Distributed Denial of Secrets, was founded last month by transparency activists. Co-founder Emma Best said the Russian leaks, slated for release Friday, will bring into one place dozens of different archives of hacked material that, at best, have been difficult to locate, and in some cases appear to have disappeared entirely from the web.

“Stuff from politicians, journalists, bankers, folks in oligarch and religious circles, nationalists, separatists, terrorists operating in Ukraine,” said Best, a national-security journalist and transparency activist. “Hundreds of thousands of emails, Skype and Facebook messages, along with lots of docs.”

Distributed Denial of Secrets, or DDoS, is a volunteer effort that launched last month. Its objective is to provide researchers and journalists with a central repository where they can find the terabytes of hacked and leaked documents that are appearing on the internet with growing regularity. The site is a kind of academic library or a museum for leak scholars, housing such diverse artifacts as the files North Korea stole from Sony in 2014, and a leak from the Special State Protection Service of Azerbaijan.

The site’s Russia section already includes a leak from Russia’s Ministry of the Interior, portions of which detailed the deployment of Russian troops to Ukraine at a time when the Kremlin was denying a military presence there. Though some material from that leak was published in 2014, about half of it wasn’t, and WikiLeaks reportedly rejected a request to host the files two years later, at a time when Julian Assange was focused on exposing Democratic Party documents passed to WikiLeaks by Kremlin hackers.

“A lot of what WikiLeaks will do is organize and re-publish information that’s appeared elsewhere,” said Nicholas Weaver, a researcher at the University of California at Berkeley’s International Computer Science Institute. “They’ve never done that with anything out of Russia.”

There’s no shortage of information out there. While barely known in the West, hacker groups like Shaltai Boltai, Ukrainian Cyber Alliance, and CyberHunta have been penetrating and exposing Russian secrets for years. Those leaks can be hard to find, though, particularly if you can’t read Russian.

Last year, Best agreed to help another journalist locate a particular Shaltai Boltai leak, a hunt that sent her into the world of Russian hacktivism. “Later I’m talking to some hackers—this is after DDoS’ public launch—and they hooked me up with a few archives,” Best told The Daily Beast. “A couple gigabytes, something like that. I do some digging, ask around, and manage to stir up a good bit more.”

Once word got around that Best was collecting Russian hacks, the floodgates opened. In late December, the project was on the verge of publishing its Russia collection when “middle of the night, more files come in,” Best said. Then an organization with its own collection of Russia leaks opened its archives to Best and her colleagues.

The DDoS project compiled more than 200,000 emails into a spreadsheet for ease of searching. In all, its cache now contains 61 different leaks totaling 175 gigabytes, dwarfing, by quantity at least, Russia’s leaks against the Democratic National Committee and Hillary Clinton campaign.  

The collection includes files from Alexander Budberg, a Russian columnist married to Dmitry Medvedev’s press secretary; Kirill Frolov, vice-director of the Kremlin-backed Institute for CIS Countries; and Vladislav Surkov, a top aide to Vladimir Putin who was hacked by CyberHunta in October 2016. The Surkov files contained documentary evidence of the Kremlin’s covert coordination with pro-Russia separatists within Ukraine, and though the Kremlin denounced the leak as a fake, several independent forensics examiners agreed the emails were the real deal.

DDoS differs from WikiLeaks in that it doesn’t solicit direct leaks of unpublished data—its focus is on compiling, organizing, and curating leaks that have already appeared somewhere in public. “Emma Best, I think, is someone who will actually do a good job,” said Weaver, citing Best’s aggressive use of the Freedom of Information Act to extract documents from recalcitrant U.S. agencies. “Things get so scattered that putting it all into one place is a huge benefit.”

In an age where leaks and counterleaks have become geopolitical blood sport, any secret-spilling organization has to weigh the risks of a hoax or a leak that’s been maliciously tampered with. DDoS mitigated that danger in its Russian email leaks using the same technique WikiLeaks employed to authenticate the DNC emails—verifying the cryptographic signatures added by the receiving mail server under a security standard called DKIM. “In order to fake that, post hoc, you need the mail server’s private key,” said Weaver. “So when you deal with mail dumps where you have DKIM signatures, tampering can only act to remove entries. You can’t add or modify.”
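An added example (not from the article or the DDoS project) of one part of the DKIM check described above: recomputing the canonicalized body hash of a dumped message and comparing it with the `bh=` tag in its `DKIM-Signature` header. The sample message, the `example.org` domain and the `b=` value are constructed; complete verification also checks the signature in `b=` against the public key the signing domain publishes in DNS, which this offline example does not do.

```python
import base64, hashlib, re
from email import message_from_bytes

def canon_body(body: bytes, mode: str) -> bytes:
    """RFC 6376 body canonicalization: 'simple' or 'relaxed'."""
    body = re.sub(rb"\r?\n", b"\r\n", body)      # archived dumps often lose CRLF
    if mode == "relaxed":                        # collapse WSP runs, drop trailing WSP
        body = b"\r\n".join(re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ")
                            for ln in body.split(b"\r\n"))
    body = body.rstrip(b"\r\n")                  # empty lines at the end are ignored
    return b"" if (mode == "relaxed" and not body) else body + b"\r\n"

def b64hash(data: bytes, algo: str) -> str:
    return base64.b64encode(hashlib.new(algo, data).digest()).decode()

def dkim_tags(value: str) -> dict:
    """Split a DKIM-Signature header value into tag=value pairs."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip()] = re.sub(r"\s+", "", v)   # folding whitespace is not data
    return tags

def body_hash_ok(raw: bytes) -> bool:
    """True if the body still matches bh= in the first DKIM-Signature header."""
    raw = re.sub(rb"\r?\n", b"\r\n", raw)
    head, _, body = raw.partition(b"\r\n\r\n")
    tags = dkim_tags(message_from_bytes(head)["DKIM-Signature"] or "")
    if "bh" not in tags:
        return False                             # unsigned: nothing to compare with
    algo = tags.get("a", "rsa-sha256").split("-")[-1]
    c = tags.get("c", "simple/simple")           # header/body canonicalization
    mode = c.split("/")[1] if "/" in c else "simple"
    canon = canon_body(body, mode)
    if "l" in tags:                              # signer hashed only the first l bytes
        canon = canon[:int(tags["l"])]
    return b64hash(canon, algo) == tags["bh"]

# Constructed sample: bh= is computed here; b= is a placeholder, not a real signature.
BODY = b"Meeting moved to 15:00.\r\n"
SAMPLE = (b"DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.org;\r\n"
          b"\ts=sel; h=from:subject; bh="
          + b64hash(canon_body(BODY, "relaxed"), "sha256").encode()
          + b"; b=CONSTRUCTED\r\nFrom: a@example.org\r\nSubject: test\r\n\r\n" + BODY)

if __name__ == "__main__":
    print(body_hash_ok(SAMPLE), body_hash_ok(SAMPLE.replace(b"15:00", b"16:00")))
```

A matching body hash alone proves nothing until the `b=` signature, which covers the signed headers and the `bh=` value itself, is verified with the domain's key.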

The DDoS project received some pushback ahead of its December launch over plans to include the 2015 Ashley Madison leak, which exposed thousands of users of the infidelity dating site. Best rethought the plan and now keeps that leak offline, along with other sensitive database breaches primarily affecting people who aren’t public figures.

Though the project is less than two months old, Best is already feeling the creeping paranoia that comes with publishing secrets. At one point, while compiling the Russia leaks, she and her colleagues thought they detected signs of potential “cyber shenanigans” aimed at interfering with the release. They reacted quickly.

“We moved things up and sent copies to several servers and arranged for some secure offline storage by third parties,” she said. It may have been nothing, Best added. “We opted for caution.”

+12 # Jaax88 2019-01-26 11:18
This new material has me thinking all the defending of Assange has been bogus as he certainly seems to have been in bed with Putin/Russia. Maybe there is good reason to prosecute him in America.
+2 # lfeuille 2019-01-26 18:44
Oh, good lord. There is no evidence of that. It is obvious that he has a deep antipathy to Clinton, but that has nothing to do with Russia. As SOC she was calling for his prosecution for committing journalism. That is reason enough. I think personally he is something of an ass and blowhard, but that is not in any way illegal. Wikileaks had a right to publish whatever it wanted to.
-7 # Rodion Raskolnikov 2019-01-27 12:56
Jaax -- WikiLeaks has published a lot of leaked documents from Russia. Putin has complained about this. The latest (that I've seen) was a huge tranche of "spy files" from Russia's intelligence agencies. These were put up in 2017. They are a little comparable to the CIA Vault 7 files, but (as far as I read) they don't show such vast power as the CIA files show.

It is interesting that Jaax is swallowing the Mueller grand conspiracy that WikiLeaks is an asset of Russian intelligence. Mueller was part of the gang who persuaded Americans that Saddam had WMD and was planning a mushroom cloud in New York City. Now Mueller is at it again and Americans are again swallowing hook, line, and sinker.
-1 # Salus Populi 2019-01-29 17:03
Further, Mueller, like his protégé Comey, as head of the FBI avoided prosecuting anyone involved in the biggest illegal bank scandal of modern times, and subsequently took a position paying seven figures with that same bank. Corruption is this "incorruptible" scion's middle name.
+6 # Michaeljohn 2019-01-26 12:08
Up next: RR's passionate defense of Assange and claims of 'deep state' responsibility for the leaks ?????????
-3 # Rodion Raskolnikov 2019-01-27 13:05
MJ -- I'm actually in favor of transparency and believe that all governments should be treated in the same way. So if it is good that US government or US political party documents got published, then it is also fine to do the same for Russia.

I took a look at the site. It does not actually publish new leaks but only links to materials that are already on the net:

"we are simply a conduit connecting Internet users to content hosted inside the Tor network . . . does not provide any anonymity. You are strongly advised to download the Tor Browser Bundle and access this content over Tor."

In most cases the sources of the files are named. I see the names of several of my friends. I did not find the Russia files. I will look some more.
+10 # BetaTheta 2019-01-26 12:12
Fair is fair. There is not a government on Earth that doesn't have nasty secrets to hide. Get 'em all out.
+1 # Salus Populi 2019-01-29 17:05
As Izzy Stone put it a long time ago, succinctly: "Governments lie. All of them."
-4 # twestheimer 2019-01-26 12:21
RED Herring alert IMO
+5 # Robbee 2019-01-26 12:22
Major Leak of Russian Documents Expected Soon, Kevin Poulsen, The Daily Beast, 26 January 19

- as robbee always says - "fuck putin! if he can't take a joke!"*

+11 # wrknight 2019-01-26 14:30
WikiLeaks is about obtaining transparency in our own government, not other governments. We have NSA and many other spies that hack into the computers of other governments.

Americans need to be more concerned about what our own government is doing to us. It is a far greater threat to our freedom than any foreign government.

As Pogo said, way back in 1953, "We have met the enemy and he is us".