Guccifer

Not to be confused with Guccifer 2.0.

Marcel Lehel Lazăr (born (1971-11-23)November 23, 1971), known as Guccifer, is a Romanian hacker responsible for high-level computer security breaches in the U.S. and Romania. Lazăr targeted celebrities, Romanian and U.S. government officials, and other prominent persons.[1]

Lazăr first appeared in news media in February 2013 after the website The Smoking Gun reported he was responsible for hacking the AOL account of Dorothy Bush Koch, sister of former president George W. Bush.[2] Family photos of former president George H. W. Bush, who was in the hospital at the time, were circulated to the internet. He also circulated a self-portrait painted by George W. Bush. Lazăr went on to hack a number of AOL, Yahoo!, Flickr, and Facebook accounts, giving him access to information about current and former high-level government officials.

In January 2014, Lazăr was jailed in his native Romania for seven years after being convicted of hacking emails of Romanian officials. Lazăr was subsequently extradited by Romania to the United States, where he was indicted on federal charges. In May 2016, Lazăr pleaded guilty in federal court to two charges. In September 2016, he was sentenced to 52 months in prison in the United States.[3][4] Romanian authorities asked for Lazăr to be released to his home nation to complete his seven-year prison sentence there before being returned to the U.S. to serve his federal prison sentence.[3]

Background

Lazăr is of Romanian and Hungarian ancestry.[5] He lived in the village of Sâmbăteni, part of the Păuliș commune, to the east of Arad, Romania.[5]

Computer hacking activities

Lazăr has said that his pseudonym Guccifer is a portmanteau of "Gucci" and "Lucifer" (a reference, he says, to "the style of Gucci and the light of Lucifer").[6]

Lazăr had no particular computer expertise, but instead used patience and persistence to obtain private information.[5] Lazăr had "no fancy equipment, only a clunky NEC desktop and a Samsung cellphone, and no special skills beyond what he had picked up on the web."[5] He used the simple technique of finding information about his victims online and then using this to guess the correct answers to security questions.[5] At the time of his arrest in 2014, Lazăr was an unemployed taxi driver.[5]

Lazăr later hacked Colin Powell's website and accessed years' worth of his correspondence from another AOL account. The correspondence included personal financial information as well as e-mails to George Tenet, Richard Armitage, and John Negroponte.[7] Through six months of trial and error, Lazăr guessed the password of Romanian politician Corina Crețu and gained access to her correspondence with Powell.[5]

The hacker also targeted U.S. Senator Lisa Murkowski; a senior UN official; members of the Rockefeller family; former FBI and Secret Service agents,[8] as well as the brother of Barbara Bush, CBS sportscaster Jim Nantz, and former Miss Maine Patricia Legere.[9]

On March 20, 2013, USA Today reported that Lazăr had successfully hacked the e-mail account of Sidney Blumenthal, a former aide to former president Bill Clinton.[10] He distributed private memos from Blumenthal to Secretary of State Hillary Clinton involving recent events in Libya, including the September 11, 2012 Benghazi attack.[11] Before distributing the memos, he copied and pasted the text into his own new documents, then reformatted them with pink backgrounds and Comic Sans font.[11] The hacker's IP address was traced to Russia, however there was no certainty as to whether this was his actual location or whether he had used a proxy to hide his true location.[12]

In early May 2013, Lazăr hacked into online accounts owned by two members of the Council on Foreign Relations, as well as accounts owned by Adam Posen and his wife and another owned by a former Federal Reserve Board official.[13]

TSG reported on May 7, 2013, that Lazăr had hacked the Twitter feed and e-mail account of Sex and the City author Candace Bushnell.[13] Bushnell spent several hours fighting for control of the accounts, while Lazăr publicly posted portions of an unpublished manuscript to Bushnell's Twitter feed. Lazăr sent an e-mail to TSG claiming responsibility for the hack using the AOL account of actor Rupert Everett.[13]

Prosecutions and imprisonment

Arrests and convictions in Romania

On 22 January 2014, Lazăr, then age 40, was arrested by the Romanian law enforcement agency DIICOT (the Department of Investigation of Organized Crime and Terrorism Offenses, Direcția de Investigare a Infracțiunilor de Criminalitate Organizată și Terorism) at his home in Sâmbăteni, Arad County.[14][15]

In 2014, a Romanian court sentenced Lazăr to four years in jail for accessing email accounts of public figures "with the aim of getting ... confidential data."[16]

Lazăr already had a police record in Romania, having been arrested and convicted there in 2011 for "hacking into the email accounts of Romanian starlets and other celebrities" under the pseudonym Micul Fum ("Little Smoke").[5] He was serving a separate three-year sentence in Romania for those crimes.[16]

In an interview with the New York Times in November 2014 conducted while Lazăr was imprisoned in the Arad Penitentiary, the hacker "read out a lengthy handwritten statement that he said explained the purpose of his hacking," which included "a potpourri of conspiracy theories about the terrorist attacks of September 11, 2001, the 1997 death of Princess Diana and alleged plans for a nuclear attack in Chicago in 2015."[5] Lazăr claimed that the world is run by the Illuminati and a cabal of others.[5]

U.S. indictment and extradition to the U.S.

On June 12, 2014, Lazăr was indicted by a federal grand jury in the United States District Court for the Eastern District of Virginia in Alexandria, Virginia, on nine charges: three counts of wire fraud, three counts of gaining unauthorized access to protected computers, and one count each of aggravated identity theft, cyberstalking and obstruction of justice.[16][17][18]

The indictment alleged that:

From December 2012 to January 2014, [Lazăr] hacked into the email and social media accounts of high-profile victims, including a family member of two former U.S. presidents, a former U.S. Cabinet member, a former member of the U.S. Joint Chiefs of Staff and a former presidential advisor. After gaining unauthorized access to their email and social media accounts, [Lazăr] publicly released his victims' private email correspondence, medical and financial information, and personal photographs. The indictment also alleges that in July and August 2013, [Lazăr] impersonated a victim after compromising the victim's account.[18]

In March 2016, Romania approved an 18-month temporary extradition to the United States, and Lazăr was surrendered to U.S. authorities.[16][17] Since his extradition, Lazăr has been detained at Alexandria City Jail[19][20] in Alexandria, Virginia.[12] He made his first U.S. court appearance on April 1, 2016.[21]

Claim regarding Hillary Clinton email server

Main article: Hillary Clinton email controversy

In May 2016—one month after being extradited to the U.S., and while jailed in Virginia awaiting trial—Guccifer claimed to have repeatedly hacked Hillary Clinton's email server. This claim occurred in the midst of an ongoing FBI probe of Clinton's use of a private email server while serving as United States Secretary of State. Lazăr claimed that the server was "like an open orchid on the Internet"[22] and that "it was easy ... easy for me, for everybody."[12]

Lazăr provided no proof of his claim, and U.S. investigators found no evidence to support the claim.[23][24][25] U.S. officials have also said that if Lazăr had obtained information from Clinton's servers, he would have publicly released such information, as he did when he obtained access to other high-profile individuals,[25] such as Sidney Blumenthal[26] and George W. Bush.[27] According to an FBI report, Lazăr stated during interrogation that he had lied to FOX News when claiming he hacked Clinton's e-mail server, and investigators determined that although he may have attempted to access the server, no additional solid forensic evidence was found to tie Lazăr to this failed access attempt.[28]

Guilty plea on U.S. charges

On May 25, 2016, Lazăr—then age 44—pleaded guilty in U.S. federal court to unauthorized access to a protected computer and aggravated identity theft as part of a plea agreement with federal prosecutors.[29]

According to a Justice Department press release:

In a statement of facts filed with his plea agreement, [Lazăr] admitted that from at least October 2012 to January 2014, he intentionally gained unauthorized access to personal email and social media accounts belonging to approximately 100 Americans, and he did so to unlawfully obtain his victims' personal information and email correspondence. His victims included an immediate family member of two former U.S. presidents, a former member of the U.S. Cabinet, a former member of the U.S. Joint Chiefs of Staff and a former presidential advisor, he admitted. [Lazăr] admitted that in many instances, he publically [sic] released his victims’ private email correspondence, medical and financial information and personal photographs.[29]

Sentencing

On September 1, 2016, U.S. District Judge James C. Cacheris sentenced Lazăr to 52 months in prison. The judge also stated that the Justice Ministry of Romania had made a request for Lazăr to be returned to Romania to complete his prison service there, before being conditionally released in 2018 and returned to America to serve his U.S. prison sentence.[3] He was released from prison in August 2021.[30]

See also

References

  1. ^ Bremer, Jack (23 January 2014). "Super-hacker 'Guccifer' held and named as Marcel Lazar Lehel". The Week. Retrieved 8 July 2016.
  2. ^ staff (February 7, 2013). "Audacious Hack Exposes Bush Family Pix, E-Mail". The Smoking Gun. Retrieved 20 March 2013.
  3. ^ a b c Weiner, Rachel; Hsu, Spencer S. (September 1, 2016). "Hacker known as Guccifer sentenced to 52 months in prison". Washington Post. Retrieved 1 September 2016.
  4. ^ Reid, Paula (1 September 2016). "Romanian hacker "Guccifer" sentenced". CBS News. Retrieved 1 September 2016.
  5. ^ a b c d e f g h i j Higgins, Andrew (November 11, 2014). "For Guccifer, Hacking Was Easy. Prison Is Hard". New York Times.
  6. ^ Adamczyk, Ed (May 25, 2016). "'Guccifer' pleads guilty to hacking emails of Clinton, ex-presidents". UPI.
  7. ^ Lee, Kristen (March 13, 2013). "Colin Powell's personal emails infiltrated by Bush family hacker 'Guccifer'". New York Daily News. Retrieved 20 March 2013.
  8. ^ Coscarelli, Joe (March 19, 2013). "Bipartisan Hacker Guccifer Hates the Illuminati, AOL". New York. Retrieved 20 March 2013.
  9. ^ staff (February 14, 2013). "Bush Hacker's Victims Include U.S. Senator". The Smoking Gun. Retrieved 20 March 2013.
  10. ^ Acohido, Byron (March 20, 2013). "Q&A: 'Guccifer' hacks Hillary Clinton's e-mails via aide's account". USA Today. Retrieved 20 March 2013.
  11. ^ a b staff (March 18, 2013). "Hacker Begins Distributing Confidential Memos Sent To Hillary Clinton On Libya, Benghazi Attack". The Smoking Gun. Retrieved 20 March 2013.
  12. ^ a b c Herridge, Catherine; Browne, Pamela K. (May 4, 2016). "Romanian hacker Guccifer: I breached Clinton server, 'it was easy'". Fox News. Lazar said he chose to use 'proxy servers in Russia,' describing them as the best, providing anonymity. Cyber experts who spoke with Fox News said the process Lazar described is plausible. The federal indictment Lazar faces in the U.S. for cyber-crimes specifically alleges he used "a proxy server located in Russia" for the Blumenthal compromise.
  13. ^ a b c ""Sex And The City" Author, Members Of Council On Foreign Relations Join List of "Guccifer" Hacking Victims". The Smoking Gun. May 7, 2013. Retrieved 8 May 2013.
  14. ^ Barza, Vlad (22 January 2014). "Hackerul 'Guccifer', care i-a spart contul șefului SRI, George Maior, a fost prins la Arad". HotNews (in Romanian). Retrieved 2014-01-22.
  15. ^ "Hackerul 'Micul Fum', necunoscut în satul său din județul Arad". Adevărul (in Romanian). 22 August 2011. Retrieved 2015-03-05.
  16. ^ a b c d Marinas, Radu-Sorin (March 4, 2016). "Romania approves extradition of convicted hacker 'Guccifer' to U.S." Reuters.
  17. ^ a b Romanian National "Guccifer" Extradited to Face Hacking Charges, United States Department of Justice, U.S. Attorney's Office for the Eastern District of Virginia (April 1, 2016).
  18. ^ a b "Romanian National 'Guccifer' Charged With Hacking Into Personal Email Accounts". U.S. Attorney's Office for the Eastern District of Virginia (Press release). United States Department of Justice. June 12, 2014.
  19. ^ "Virginia Department of Corrections Offender Locator". vadoc.virginia.gov. Retrieved 2016-06-16.
  20. ^ "Hacker 'Guccifer' extradited from Romania, appears in U.S. court". Reuters. April 1, 2016.
  21. ^ McFadden, Cynthia; Uehlinger, Tim; Connor, Tracy (May 5, 2016). "Hacker 'Guccifer': I Got Inside Hillary Clinton's Server". NBC News.
  22. ^ "Hillary Clinton may have to testify under oath about email server". Associated Press. May 4, 2016. [T]he hacker provided no proof of his claim to have hacked Clinton's server.
  23. ^ Williams, Pete (May 25, 2016). "Guccifer, Hacker Who Says He Breached Clinton Server, Pleads Guilty". NBC News. [Lazăr] refused to show any of the material he said he found on the Clinton server, and federal investigators said they have found no evidence to back up his claim.
  24. ^ a b Zapotosky, Matt (May 5, 2016). "Officials: Scant evidence that Clinton had malicious intent in handling of emails". The Washington Post. U.S. officials also dismissed claims by a Romanian hacker now facing federal charges in Virginia that he was able to breach Clinton's personal email server. The officials said investigators have found no evidence to support the assertion by Marcel Lehel Lazar to Fox News and others, and they believed if he had accessed Clinton's emails, he would have released them — as he did when he got into accounts of other high-profile people.
  25. ^ Gerstein, Josh (14 April 2016). "Trial set for suspect who allegedly hacked Bush family, Sidney Blumenthal". Politico.
  26. ^ Matei, Silviu (22 January 2014). "'Guccifer' hacker who leaked Bush paintings arrested in Romania". NBC News. Reuters.
  27. ^ "Hillary R. Clinton Part 21 of 21". Federal Bureau of Investigation. May 4, 2018.
  28. ^ a b Romanian Hacker "Guccifer" Pleads Guilty to Computer Hacking Crimes, United States Department of Justice, U.S. Attorney's Office for the Eastern District of Virginia (May 25, 2016).
  29. ^ Biddle, Sam (January 15, 2023). "Sorry, Not Sorry: Guccifer, the Hacker Who Launched Clinton Email Flap, Speaks Out After Nearly a Decade Behind Bars". theintercept.com. The Intercept.