The Tangled Web: Seth Rich, Guccifer 2.0, and the Clinton Campaign

One of my Twitter followers likened the recent developments in the case of slain DNC staffer Seth Rich to a John Grisham novel. It involves the unsolved murder of Rich, a former Playboy model, an anonymous hacker, and a man who provides solid evidence that the anonymous hacker is not who he claims.

Many have speculated that Rich was the source of the DNC leaks. He was murdered on July 10, 2016, in Washington D.C. The murder was classified as a robbery gone wrong, but nothing was stolen. The 27-year-old had worked for the DNC as the Voter Expansion Data Director for two years.  On August 9, 2016, Julian Assange offered a $20,000 reward for information leading to the conviction of his murderers, which fueled the speculation that he was WikiLeaks’ source.

On Saturday, April 8, 2017, WikiLeaks posted a tweet with a link to private messages that former Playboy model Robbin Young, claimed were between herself and alleged hacker Guccifer 2.0.

On August 25, 2016, Guccifer 2.0 claimed that his “whistleblower,” was named Seth and he wanted to find a journalist who would do an investigation. Guccifer 2.0 claims that he cannot approach Assange because he is “unsafe,” and might be connected to Russians, but also says that Assange is still his hero.

The full text of the messages are goofy, syrupy, flirty, and strange. Guccifer 2.0 cannot reveal his identity, so the flirtation odd. Robbin Young wrote about snuggling with Guccifer 2.0 and sent a graphic erotic poem to someone she has never seen. She even says “I love you,” and wrote that it is like he is her “secret lover.”

Her website also has a section written by Guccifer 2.0, in which he claims that he waited to publish the DNC hack because he was inside their computers waiting to be discovered in their system. He wrote that he was in stealth mode playing “hide and seek,” with them. He claims to have no political affiliations on her website, but on his personal blog on January 12, 2017, he claimed that he was acting in accordance with his “personal political views and beliefs.”

Young writes on her website that he risks his life to bring truth to the world, but how much truth has he actually revealed? Not much, according to Adam Carter, who put together a timeline of Guccifer 2.0’s actions. WikiLeaks’ second tweet on Saturday regarding Guccifer 2.0 changes the narrative of the story from messages revealing that Seth Rich might have been the source of the DNC leaks to questioning the entire Guccifer 2.0 persona.

There are inconsistencies with what Guccifer 2.0’s actions. After reading the timeline, it becomes apparent that he is most likely a creation of Hillary Clinton’s campaign.

Guccifer 2.0 appeared on Twitter on June 20, 2016, with an announcement of his blog, which was prior to Rich’s death on July 10th. Within two days, he allowed anyone to send him direct messages on Twitter, even if he didn’t follow them back. This is significant because he was soliciting “evidence,” on July 11th. It might have been a honeypot.

Carter methodically debunks Guccifer 2.0’s claims one by one. Guccifer 2.0 claimed to be Romanian, but intentionally left messy Russian fingerprints. There is no evidence of his hacking abilities or identity other than his own claims.

  • Guccifer 2.0 named his computer account after the founder of the Soviet Secret Police.
  • His documents contained intentionally planted Russian metadata.
  • He used a Russian VPN to obscure his IP address.
  • Some of the documents obtained by Guccifer 2.0 had time stamps indicating that they were created a half hour before they were released.
  • Those documents were created by someone who worked for the DNC.
  • The language used in his communication was not indicative of someone native to Russian or Slavonic language, though there were attempts to make it appear that way.

He claimed that he was the source of the DNC leaks several times, but he is obviously not as sophisticated as he wanted people to believe. On October 4th, 2016, he said that he was in possession of hacked information from the Clinton Foundation, but he could not figure out how to post it online because the file was too large. Carter makes the point that if Guccifer 2.0 was the source of the DNC leaks, then he would not struggle to find a way to release the supposed Clinton Foundation data. Guccifer 2.0 merely posted documents that are in the public domain regarding the Clinton Foundation. The few items that were originals and not in the public domain were not damaging to Democrats. One those was a list of personal contact information for 200 Democrats. Though that was leaked information, it did little to hurt the party’s reputation. It’s purpose was to give the media an opportunity to make Guccifer 2.0 sound like a legitimate source.

Carter describes the Clinton campaign as desperate at that time. Hillary was under an FBI investigation, she was under fire for using her personal server, and on June 12th, Assange had publicly stated that there were more leaks coming. A few days later, Guccifer 2.0 appeared. A hacker who left messy Russian fingerprints at every opportunity helped to create the Russian narrative that allowed the media to question the validity of the leaks and claim that Russians were interfering in the election.

This is the Cliff Notes version of events that Adam Carter wrote on his website. There is a wealth of information there that lends credibility to his assertion that Guccifer 2.0 was a creation of the Clinton campaign. The full timeline of events and links to corroborate his findings can be found here.

The compilation by Carter leaves questions. Why did someone from the DNC tell Robbin Young that the leaker’s name was Seth a month and a half after he was murdered? Were they front-loading out of fear that Assange might name his source because he was deceased?


5 thoughts on “The Tangled Web: Seth Rich, Guccifer 2.0, and the Clinton Campaign

  1. Your point…
    “Some of the documents obtained by Guccifer 2.0 had time stamps indicating that they were created a half hour before they were released.”

    This is easily explained if the documents were copied to another file…it would give them a “new” creation date and time…


  2. This all hinges on the idea that Guccifer2 was a creation of the DNC to discredit the leak.

    * Except that DCLeaks was registered in April, a month before CrowdStrike was called in, at around the same time as the apt28 hacks.

    * And Guccifer2 had access to DCLeaks servers and was the one who first publicised it’s existence.

    * And that much of the early metadata was faked, so it makes no sense what-so-ever the faker would include his own name in said metadata (Warren).

    * DCLeaks was on a small, unofficial nameserver alongside other apt28 infrastructure.

    So why would Guccifer2 point the finger at Seth? Maybe to misdirect in the same way he/she claimed DCLeaks was a creation of Wikileaks, and in the same wayhe/she lied about his nationality, and in the same way he/she apparently lied about knowing how the DNC was hacked.

    Nothing can be trusted in what Guccifer2 has ever said. This is a fact. It is one of the only knowable facts about Guccifer2 along side him being directly involved with DCLeaks and by extension apt28 (itself very hard to attribute to anyone without assumption and confirmation bias).

    This is literally all that is known. Anything else is speculation based on very shaky, often times contradictory extrapolations.

    Sources and timeline:


  3. Great job on this. This is the best summary out there I’ve found.

    Another extremely suspicious aspect of the Guccifer persona – his blog is on insecure and easily hack-able WordPress. What kind of world-class hacker would choose this popular, but clunky and insecure technology to communicate about leaks?

    Additionally, his blog persona communicates in English beautifully – unlike others of his communications, which seem to be those of a non-native speaker.

    You have to wonder what is up. Casting aspersion on Assange with the allegation that he has connections to Russia serves the DNC very well right now.

    Thank you, Ginger!


    1. WordPress is insecure if the user doesn’t know what he/she is doing, it can be hardened fairly well, and if you are not using third party plugins the risk of hacking is very low – assuming you have taken proper security measures. It is also free, easy to migrate and can run on pretty much any type of server. I hear what you are saying on some other points, but the use of wordpress is not suspicious, in many ways it makes perfect sense.

      Also, this site uses WordPress. 🙂


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s