Putin's Email Scandal: Ukrainian hackers leak more emails of Putin's aide

13:34 Nov. 3, 2016

Ukrainian hackers leak more emails of Putin's aide

Russian Prime Minister Dmitry Medvedev, left, speaks with Deputy Prime Minister Vladislav Surkov at a Cabinet meeting in Moscow (AP photo)

New portion of documents adds to the mounting evidence of Kremlin's leading role in Ukraine conflict

Ukrainian hackers released a second cache of emails tied to Vladislav Surkov, a key Kremlin figure overseeing the Minsk ceasefire agreement and, as many have contended, an architect of Russia's strategy to take Crimea and supervise pro-Russian separatists in eastern Ukraine.

The first release, which AtlanticCouncil's Digital Forensic Research Lab analyzed last week, exposed specific details regarding Surkov's cooperation with Donetsk separatist leaders, most notably Denis Pushilin. However, more often, the first leak of emails showed us Surkov's concern with the media environment of Ukraine and the perceptions in Russia, Ukraine, and the West regarding figures and projects related to the self-declared republics of the Donbas.

DFRLab's analysis of the second leaked inbox, with emails ranging from November 2014 to September 2016, shows many of the same concerns in these emails, along with new revelations.

Comparison between leaks

Like with the first leaked inbox, the second batch of Surkov emails was published by the Ukrainian hacker group "CyberHunta." While the first inbox contained .PST files — data files for Microsoft Outlook inboxes — the second inbox are .MBOX files — common for web mail inboxes, such as Gmail. This difference is consistent with the source of the two inboxes: the first (PST) is from Surkov's "incoming" inbox on a Russian government server (prm_surkova@gov.ru), which presumably used Outlook. The second (MBOX) is another "incoming" inbox for Surkov that was hosted on the popular web client Mail.ru (pochta_mg@mail.ru).

The operators of two leaked inboxes are also the same: two Surkov assistants named Maria and Yevgenia.

Read more Ukrainian 'hacktivists' wage their war against Kremlin on cyber front

Authenticity

The first dump of emails was widely viewed as genuine, including from American and Ukrainian intelligence officials. In DFRLab's analysis, all evident indications pointed towards the authenticity of the leaked materials. The email headers (metadata) appeared reliable, individual incidents could be confirmed with hard-to-find and public information, and various individuals independently confirmed that they had sent emails that appeared in the hacked materials.

The second email cache shows similar signs of authenticity.

Read also Leaked Kremlin emails reveal Putin's strategy to сarve up Ukraine

Revealing findings

Like the first leak, the second released inbox has no bombshell information that would be expected in a forged document, such as admission of culpability in the downing of MH17, receipts of payment to families of Russian soldiers who died in combat in Ukraine, and so on.

The most interesting information is subtle, and in line with previous assumptions of Surkov's role in managing the self-proclaimed Donetsk People's Republic.

Taken together, the two leaked Surkov inboxes shows us what we already knew: key Kremlin figures are supervising separatist officials, funding anti-government movements in Ukrainian-controlled cities, and guiding propaganda efforts related to the Ukrainian Conflict. There is little doubt that Russia will deny the importance of these leaks, but these emails provide a valuable window into the inner workings of the architect of the Crimean takeover and Ukrainian separatist movements.

Read the full DFRLab's analysis here

comments powered by Disqus

RELATED NEWS

Politics20:07 Dec. 3, 2016
Ukraine insists on NATO PA meeting in Kyiv - Gerashchenko
Politics19:34 Dec. 3, 2016
Russia's spreading of fakes ‘is beyond propaganda' – U.S. Intel
Politics16:41 Dec. 3, 2016
Politician makes claims about 'massive corruption' in Ukraine
Politics15:45 Dec. 3, 2016
U.S. failed to separate opposition from terrorists in Syria – Moscow
Politics12:02 Dec. 3, 2016
Lavrov ‘doesn't understand' why Kyiv continues military operation
Ukraine Today WEEKLY DIGEST
Subscribe to receive regular email updates about Ukraine and Eastern Europe
vk154998