Guccifer Explained

Guccifer should not be confused with Guccifer 2.0.

Marcel Lehel Lazăr (born 23 November 1971), known as Guccifer, is a Romanian hacker responsible for high-level computer security breaches in the U.S. and Romania. Lazăr targeted celebrities, Romanian and U.S. government officials, and other prominent persons.[1]

Lazăr first appeared in news media in February 2013 after the website The Smoking Gun reported he was responsible for hacking the AOL account of Dorothy Bush Koch, sister of former president George W. Bush.[2] Family photos of former president George H. W. Bush, who was in the hospital at the time, were circulated to the internet. He also circulated a self-portrait painted by George W. Bush. Lazăr went on to hack a number of AOL, Yahoo!, Flickr, and Facebook accounts, giving him access to information about current and former high-level government officials.

In January 2014, Lazăr was jailed in his native Romania for seven years after being convicted of hacking emails of Romanian officials. Lazăr was subsequently extradited by Romania to the United States, where he was indicted on federal charges. In May 2016, Lazăr pleaded guilty in federal court to two charges. In September 2016, he was sentenced to 52 months in prison in the United States.[3] [4] Romanian authorities asked for Lazăr to be released to his home nation to complete his seven-year prison sentence there before being returned to the U.S. to serve his federal prison sentence.[3]

Background

Lazăr is of Romanian and Hungarian ancestry.[5] He lived in the village of Sâmbăteni, part of the Păuliș commune, to the east of Arad, Romania.[5]

Computer hacking activities

Lazăr has said that his pseudonym Guccifer is a portmanteau of "Gucci" and "Lucifer" (a reference, he says, to "the style of Gucci and the light of Lucifer").[6]

Lazăr had no particular computer expertise, but instead used patience and persistence to obtain private information.[5] Lazăr had "no fancy equipment, only a clunky NEC desktop and a Samsung cellphone, and no special skills beyond what he had picked up on the web."[5] He used the simple technique of finding information about his victims online and then using this to guess the correct answers to security questions.[5] At the time of his arrest in 2014, Lazăr was an unemployed taxi driver.[5]

Lazăr later hacked Colin Powell's website and accessed years' worth of his correspondence from another AOL account. The correspondence included personal financial information as well as e-mails to George Tenet, Richard Armitage, and John Negroponte.[7] Through six months of trial and error, Lazăr guessed the password of Romanian politician Corina Crețu and gained access to her correspondence with Powell.[5]

The hacker also targeted U.S. Senator Lisa Murkowski; a senior UN official; members of the Rockefeller family; former FBI and Secret Service agents,[8] as well as the brother of Barbara Bush, CBS sportscaster Jim Nantz, and former Miss Maine Patricia Legere.[9]

On March 20, 2013, USA Today reported that Lazăr had successfully hacked the e-mail account of Sidney Blumenthal, a former aide to former president Bill Clinton.[10] He distributed private memos from Blumenthal to Secretary of State Hillary Clinton involving recent events in Libya, including the September 11, 2012 Benghazi attack.[11] Before distributing the memos, he copied and pasted the text into his own new documents, then reformatted them with pink backgrounds and Comic Sans font.[11] The hacker's IP address was traced to Russia, however there was no certainty as to whether this was his actual location or whether he had used a proxy to hide his true location.[12]

In early May 2013, Lazăr hacked into online accounts owned by two members of the Council on Foreign Relations, as well as accounts owned by Adam Posen and his wife and another owned by a former Federal Reserve Board official.[13]

TSG reported on May 7, 2013, that Lazăr had hacked the Twitter feed and e-mail account of Sex and the City author Candace Bushnell.[13] Bushnell spent several hours fighting for control of the accounts, while Lazăr publicly posted portions of an unpublished manuscript to Bushnell's Twitter feed. Lazăr sent an e-mail to TSG claiming responsibility for the hack using the AOL account of actor Rupert Everett.[13]

Prosecutions and imprisonment

Arrests and convictions in Romania

On 22 January 2014, Lazăr, then age 40, was arrested by the Romanian law enforcement agency DIICOT (the Department of Investigation of Organized Crime and Terrorism Offenses, Direcția de Investigare a Infracțiunilor de Criminalitate Organizată și Terorism) at his home in Sâmbăteni, Arad County.[14] [15]

In 2014, a Romanian court sentenced Lazăr to four years in jail for accessing email accounts of public figures "with the aim of getting ... confidential data."[16]

Lazăr had already had a police record in Romania, having been arrested and convicted there in 2011 for "hacking into the email accounts of Romanian starlets and other celebrities" under the pseudonym Micul Fum ("Little Smoke").[5] He was serving a separate three-year sentence in Romania for those crimes.[16]

In an interview with the New York Times in November 2014 conducted while Lazăr was imprisoned in the Arad Penitentiary, the hacker "read out a lengthy handwritten statement that he said explained the purpose of his hacking," which included "a potpourri of conspiracy theories about the terrorist attacks of September 11, 2001, the 1997 death of Princess Diana and alleged plans for a nuclear attack in Chicago in 2015."[5] Lazăr claimed that the world is run by the Illuminati and a cabal of others.[5]

U.S. indictment and extradition to the U.S.

On June 12, 2014, Lazăr was indicted by a federal grand jury in the United States District Court for the Eastern District of Virginia in Alexandria, Virginia, on nine charges: three counts of wire fraud, three counts of gaining unauthorized access to protected computers, and one count each of aggravated identity theft, cyberstalking and obstruction of justice.[16] [17] [18]

The indictment alleged that:

In March 2016, Romania approved an 18-month temporary extradition to the United States, and Lazăr was surrendered to U.S. authorities.[16] [17] Since his extradition, Lazăr has been detained at Alexandria City Jail[19] [20] in Alexandria, Virginia.[12] He made his first U.S. court appearance on April 1, 2016.[21]

Claim regarding Hillary Clinton email server

See main article: article and Hillary Clinton email controversy. In May 2016 - one month after being extradited to the U.S., and while jailed in Virginia awaiting trial - Guccifer claimed to have repeatedly hacked Hillary Clinton's email server. This claim occurred in the midst of an ongoing FBI probe of Clinton's use of a private email server while serving as United States Secretary of State. Lazăr claimed that the server was "like an open orchid on the Internet"[22] and that "it was easy ... easy for me, for everybody."[12]

Lazăr provided no proof of his claim, and U.S. investigators found no evidence to support the claim.[23] [24] [25] U.S. officials have also said that if Lazăr had obtained information from Clinton's servers, he would have publicly released such information, as he did when he obtained access to other high-profile individuals,[25] such as Sidney Blumenthal[26] and George W. Bush.[27] According to an FBI report, Lazăr stated during interrogation that he had lied to FOX News when claiming he hacked Clinton's e-mail server, and investigators determined that although he may have attempted to access the server, no additional solid forensic evidence was found to tie Lazăr to this failed access attempt.[28]

Guilty plea on U.S. charges

On May 25, 2016, Lazăr - then age 44 - pleaded guilty in U.S. federal court to unauthorized access to a protected computer and aggravated identity theft as part of a plea agreement with federal prosecutors.[29]

According to a Justice Department press release:

Sentencing

On September 1, 2016, U.S. District Judge James C. Cacheris sentenced Lazăr to 52 months in prison. The judge also stated that the Justice Ministry of Romania had made a request for Lazăr to be returned to Romania to complete his prison service there, before being conditionally released in 2018 and returned to America to serve his U.S. prison sentence.[3] He was released from prison in August 2021.[30]

See also

Notes and References

  1. News: Jack. Bremer. Super-hacker 'Guccifer' held and named as Marcel Lazar Lehel. The Week. 23 January 2014. 8 July 2016.
  2. News: Audacious Hack Exposes Bush Family Pix, E-Mail. staff. February 7, 2013. The Smoking Gun. 20 March 2013.
  3. News: Rachel . Weiner . Spencer S. . Hsu . Hacker known as Guccifer sentenced to 52 months in prison . 1 September 2016. Washington Post. September 1, 2016.
  4. News: Reid. Paula. Romanian hacker "Guccifer" sentenced. 1 September 2016. CBS News. 1 September 2016.
  5. News: Higgins . Andrew . For Guccifer, Hacking Was Easy. Prison Is Hard.. New York Times. November 11, 2014.
  6. News: Ed . Adamczyk . 'Guccifer' pleads guilty to hacking emails of Clinton, ex-presidents . UPI . May 25, 2016 .
  7. News: Colin Powell's personal emails infiltrated by Bush family hacker 'Guccifer' . Lee . Kristen . March 13, 2013 . New York Daily News . 20 March 2013.
  8. News: Bipartisan Hacker Guccifer Hates the Illuminati, AOL. Coscarelli. Joe. March 19, 2013 . . 20 March 2013.
  9. News: Bush Hacker's Victims Include U.S. Senator. staff. February 14, 2013. The Smoking Gun. 20 March 2013.
  10. News: Q&A: 'Guccifer' hacks Hillary Clinton's e-mails via aide's account. Acohido. Byron. March 20, 2013. USA Today. 20 March 2013.
  11. News: Hacker Begins Distributing Confidential Memos Sent To Hillary Clinton On Libya, Benghazi Attack. staff. March 18, 2013. The Smoking Gun. 20 March 2013.
  12. Web site: Catherine . Herridge . Pamela K. . Browne . Romanian hacker Guccifer: I breached Clinton server, 'it was easy'. Fox News. Lazar said he chose to use 'proxy servers in Russia,' describing them as the best, providing anonymity. Cyber experts who spoke with Fox News said the process Lazar described is plausible. The federal indictment Lazar faces in the U.S. for cyber-crimes specifically alleges he used "a proxy server located in Russia" for the Blumenthal compromise. . May 4, 2016.
  13. News: "Sex And The City" Author, Members Of Council On Foreign Relations Join List of "Guccifer" Hacking Victims. May 7, 2013. The Smoking Gun. 8 May 2013.
  14. News: ro . Vlad . Barza . Hackerul 'Guccifer', care i-a spart contul șefului SRI, George Maior, a fost prins la Arad . HotNews . 22 January 2014 . 2014-01-22 .
  15. News: ro . Hackerul 'Micul Fum', necunoscut în satul său din județul Arad . Adevărul . 22 August 2011 . 2015-03-05 .
  16. Web site: Radu-Sorin . Marinas . Romania approves extradition of convicted hacker 'Guccifer' to U.S. . Reuters . March 4, 2016 .
  17. https://www.justice.gov/usao-edva/pr/romanian-national-guccifer-extradited-face-hacking-charges Romanian National "Guccifer" Extradited to Face Hacking Charges
  18. Romanian National 'Guccifer' Charged With Hacking Into Personal Email Accounts . . U.S. Attorney's Office for the Eastern District of Virginia . June 12, 2014 .
  19. Web site: VINElink . vinelink.com . 2016-06-16 . 2016-01-16 . https://web.archive.org/web/20160116144902/https://www.vinelink.com/ . dead .
  20. Web site: Virginia Department of Corrections Offender Locator . vadoc.virginia.gov . 2016-06-16.
  21. News: Hacker 'Guccifer' extradited from Romania, appears in U.S. court . . April 1, 2016 .
  22. News: Cynthia . McFadden . Tim . Uehlinger . Tracy . Connor . Hacker 'Guccifer': I Got Inside Hillary Clinton's Server . . May 5, 2016 .
  23. News: Hillary Clinton may have to testify under oath about email server . Associated Press . May 4, 2016 . [T]he hacker provided no proof of his claim to have hacked Clinton's server..
  24. News: Pete . Williams . Guccifer, Hacker Who Says He Breached Clinton Server, Pleads Guilty . NBC News . May 25, 2016 . [Lazăr] refused to show any of the material he said he found on the Clinton server, and federal investigators said they have found no evidence to back up his claim. .
  25. News: Matt . Zapotosky . Officials: Scant evidence that Clinton had malicious intent in handling of emails . The Washington Post . May 5, 2016 . U.S. officials also dismissed claims by a Romanian hacker now facing federal charges in Virginia that he was able to breach Clinton’s personal email server. The officials said investigators have found no evidence to support the assertion by Marcel Lehel Lazar to Fox News and others, and they believed if he had accessed Clinton's emails, he would have released them — as he did when he got into accounts of other high-profile people. .
  26. Web site: Gerstein. Josh. Trial set for suspect who allegedly hacked Bush family, Sidney Blumenthal. Politico. 14 April 2016.
  27. Web site: Matei . Silviu . 'Guccifer' hacker who leaked Bush paintings arrested in Romania . . NBC News . 22 January 2014.
  28. Web site: Hillary R. Clinton Part 21 of 21. May 4, 2018 . Federal Bureau of Investigation .
  29. https://www.justice.gov/usao-edva/pr/romanian-hacker-guccifer-pleads-guilty-computer-hacking-crimes Romanian Hacker "Guccifer" Pleads Guilty to Computer Hacking Crimes
  30. Web site: Sorry, Not Sorry: Guccifer, the Hacker Who Launched Clinton Email Flap, Speaks Out After Nearly a Decade Behind Bars . Biddle . Sam . January 15, 2023 . theintercept.com . The Intercept.