President Trump has repeatedly derided Mueller’s investigation as a “witch hunt,” even as it produces indictments, guilty pleas, and a pile of new, detailed information about how Russian interfered. The hacks are an especially important part of this case: Unlike claims of collusion or obstruction of justice, the hacking clearly constituted a crime, and there was a clear culprit. As a result, the fact that Mueller hadn’t charged anyone in connection with the crime until now had become conspicuous.
That curious silence ended on Friday. The defendants are charged with conspiracy against the United States, identity theft, and money laundering.
“The object of the conspiracy was to hack into the computers of U.S. persons and entities involved in the 2016 U.S. presidential election, steal documents from those computers, and stage releases of the stolen documents to interfere with the 2016 U.S. presidential election,” the indictment states.
The indictment lays out in more detail than previously known how the hacking worked. While the federal government released an intelligence document explaining its conclusions, it offered little hard evidence. Mueller marshals more detailed forensic evidence, recording specific actions, down to searches run and files deleted.
According to Mueller, the GRU, Russia’s main foreign-intelligence agency, conducted the operation with the intention of interfering with the election. One unit was charged with hacking, while another had responsibility for spreading what was known.
The hacking unit used two methods. The first was spearphishing—sending emails intended to trick users into divulging user names and passwords. This was already known to be the method by which hackers got into Podesta’s email. The second was to hack into computer networks, installing malware that allowed them to spy on users, capture keystrokes, take screenshots, and steal files. In addition to the Democratic targets, the Russians allegedly tinkered with hacking state boards of election. Various reports have speculated on whether the Russians did, in fact, break into state election functions, and the indictment provides an answer.
To get the documents out, the second GRU unit created two front personas. One, called DCLeaks, released an early tranche of Podesta emails. The second, Guccifer 2.0, took his name from an earlier Romanian hacker, who became famous for releasing pictures of former President George W. Bush’s paintings. Though they pretended to be Americans and a Romanian, respectively, both DCLeaks and Guccifer 2.0 were Russian intelligence, Mueller charges. To cover up their tracks, they set up a network outside Russia, paid for with cryptocurrencies.
The indictment states that the GRU officials corresponded with several Americans. For example, in August, Guccifer 2.0 “wrote to a person who was in regular contact with senior members of the presidential campaign of Donald J. Trump, ‘thank u for writing back … do u find anyting [sic] interesting in the docs i posted?’” Previous investigations have already revealed that that individual was Roger Stone, the sometime Trump adviser and former business partner of Trump campaign chairman Paul Manafort.