Thousands of Soros docs released by alleged Russian-backed hackers

BY JULIAN HATTEM - 08/15/16 02:53 PM EDT



Hackers believed to be backed by Russia this weekend publicly released more than 2,000 documents connected to billionaire Democratic donor George Soros and his Open Society Foundations.

The documents detail the ins and outs of Soros’s groups, which have funded a slew of public health, human rights and education programs around the globe, while also mounting opposition to hard-right conservatives in the U.S.

“Soros is an oligarch sponsoring the Democratic party, Hillary Clinton, hundreds of politicians all over the world,” the hackers posted on the website DCLeaks this Saturday when they released the documents.

“This website is designed to let everyone inside George Soros’ Open Society Foundation and related organisations,” they said. “These documents shed light on one of the most influential network operating worldwide.”

The hackers, who describe themselves as “American hacktivists who respect and appreciate freedom of speech, human rights and government of the people,” have been linked to the same group that exposed emails from Democratic Party leaders in the days before that party’s national convention last month. The group this weekend also posted messages from Republican state officials and national politicians, including Sen. Lindsey Graham (R-S.C.).

Cybersecurity firm ThreatConnect has called DCLeaks “another Russian-backed influence outlet” based on similarities with the previously identified Russian hackers, nicknamed Fancy Bear.

The documents released over the weekend are grouped into sections relating to the U.S., Europe, Asia, the World Bank and other topics.

The material offers a look behind the curtain of one of the nation’s preeminent nonprofit groups. Soros’s staunch focus on electoral processes around the globe has been a target of critics, and the wide net of activities is likely to inspire their outrage.

Included in the trove are drafts of fact sheets, calendars, memos, funding reports and similar materials, as one might expect from a major nonprofit group.

Some documents in particular are likely to stir ire on the right, where Soros is regarded as something of a nefarious mastermind trying to exert his influence across the globe.

A 2011 document, highlighted by The Daily Caller, details the foundations’ efforts to encourage criticism of hard-line opponents to Muslim radicalism, such as controversial personalities Frank Gaffney and Pamela Geller, who memorably organized a “Draw Muhammad” event last year.

Another document details the multiple organizations that have received millions in funding to challenge “Israeli laws and discriminatory practices against Israel’s Palestinian minority." Opponents claim those activities undermine Israel's democratic government and security.

Soros and the influence he wields among American liberal organizations have long been a target of scorn from conservatives, much as the billionaire Koch brothers are on the political left.

He has reportedly committed to giving more than $25 million to Clinton, the Democratic presidential nominee, and other Democrats, including a $6 million contribution to pro-Clinton super-PAC Priorities USA.

____


Site connected to Russian hackers posts Republican emails

The emails on the site, known as DCLeaks, appear to be from Republicans and staffers.

thehill.com

Site connected to Russian hackers posts Republican emails
BY JOE UCHILL - 08/12/16 06:20 PM EDT

A website tied to the hacking scandal of the Democratic Party has now posted a small batch of leaked emails from Republican campaigns and state GOP staffers.

The emails on the site, known as DCLeaks, appear to be from state party officials and campaign staff, including that of former presidential candidate Sen. Lindsey Graham (R-S.C.). The messages range from June to October of 2015.

The DNC hacker or hackers known as Guccifer 2.0 used DC Leaks to promote leaks from a Clinton staffer's email to The Smoking Gun, though the hacker claimed not to have been involved with the theft of the messages.

Most of the messages coordinate campaign activities, solicit funds, or invite or RSVP to events. The archive is largely the procedural minutia of running campaigns or state parties.

The emails include a wide array of constituent email addresses. Many appear to be responses to mass-emails from concerned party supporters writing in to their delegates. One reply to a Stop Hillary PAC fundraising email targeting Democrats lack of support for the Benghazi commission reads, "Don’t the Republicans have a majority in Congress? Isn’t John Boehner a Republican? What is the problem that you need my $36 to help you fight back."

The archive appears to be incomplete, with replies to emails that don't appear to be included on their own. That could mean the emails were deleted before being retrieved, or that the leaker or site decided to scrub certain items from the record.

But that there was a leak at all runs counter to a Republican narrative that the DNC is particularly susceptible to data breaches (“What is it with Democrats that they can't maintain basic email security?” Mike Huckabee asked on Facebook).

Guccifer 2.0 is thought to be a front name for Russian intelligence, and the site has strong circumstantial ties to the Russian group believed to be behind the hack of the Democratic National Committee (DNC).

DCLeaks claims to be the work of patriotic American activists but is written in a way that suggests non-native English speakers. Much of the leaks are email archives from critics of Russia.

The site hosts a trove of leaked emails from Gen. Philip Breedlove, who was heavily in favor of fending off Russia during its Ukraine incursion, and George Soros, whose DC Leaks emails were promoted by the site on twitter as “Check George Soros's [Open Society Foundation] plans to counter Russian policy and traditional values.”

DC Leaks site was initially registered by THCServers, a company that has only been the initial registrar for 14 sites since 2013. Including DC Leaks, three of those sites have been connected to the Russian hackers believed to be behind the DNC hack, including a site identified by the German government.

The Russian hackers, nicknamed Fancy Bear, have a pattern of using domain registrars outside of United States that accept bitcoin and the Romanian THCServers fit the mold. It is registered to an email account from europe.com, which, like most of the emails connected to FancyBear, is a free web service based in Europe.

A representative from ThreatConnect, the company that linked Fancy Bear to DCLeaks, noted that the obscure Romanian THCServer and Europe.com would be abnormal for an American hacktivist collective, and believes the sum-total is a strong circumstantial case.

At publication time, the Republican National Convention was not yet able to authenticate the emails.