Guccifer2.0 - Detained/Compromised Theory & Evidence
111 2016-10-07 by d3fi4nt
Back in 2011, I claimed that Sabu of Lulzsec had been caught and approx. 6 months later, the FBI conceded that they had indeed captured Sabu and had worked with him for those last 6 months.
I had never made such a claim like that previously (after 15 years of being on the Internet).
Since then, I've never made the claim about anyone else... until now, October 2016.
I have become increasingly convinced over the last 5 days and now am almost certain:
GUCCIFER2.0 HAS PROBABLY BEEN DETAINED! - HIS WP/TWITTER ACCOUNTS ARE PROBABLY UNDER FBI CONTROL
If that sounds crazy... you're probably too invested in "his" latest "leak" being proof of what you want to believe that you're not seeing the elephant in the room.
If you oppose Hillary - you probably want to believe the TARP documents and archive he posted are proof of a CF breach... this is simply not true.
If you support Hillary - you probably want to believe the lack of new evidence is proof Guccifer2.0 was a phony all along... this is simply not true.
If you just want to know the truth - you may want to focus on his STATEMENTS, his big CLAIM and the EVIDENCE that is supposed to support it and the possible OUTCOMES of these actions we are witnessing...
CONSIDER THE GUCCIFER2.0 OF THE PAST:
breached servers previously and when he did, he damn well made sure the evidence he posted unquestionably demonstrated what he had achieved.
past releases provided new and significant information.
past hacks/leaks covered DPVA (VA Dems), DCCC & NGP (NGP-VAN).
gave data to (or expressed a desire to publish data via) Wikileaks before and knows they are capable of distributing large volumes of data.
CONSIDER THE GUCCIFER2.0 OF THE PRESENT:
makes a big attention-grabbing claim that generate headlines but the evidence he provides fails to support it (see below).
latest release is old data and data that is already in the public domain, it reveals nothing new (even the TARP stuff, see below).
evidence provided mysteriously coincides with the previous hacks/leaks (99% of data is from DPVA/DCCC/NGP hacks/leaks)
he states there's a lot more data but doesn't know how to get it online (contradicts his previous statements about using Wikileaks)
His latest actions, when you consider the blatant problems with the evidence (see below), only leads to one outcome... the destruction of his own reputation.
For him to post such low quality of evidence is out of character for G2.0 right from the start, but for him to claim that the files are a random selection of files from the Clinton Foundation server when it so easily debunked... is so illogical that no self-respecting hacker would do it.
THE EVIDENCE:
I've listed the 2,082 files contained in the ~800Mb archive at https://justpaste.it/yzwz - someone else also listed them at: http://pastebin.com/C34b8V8e
These documents are claimed to be from a Clinton Foundation server specifically.
The only batches of documents relating to any state party are files related to DPVA (already hacked/leaked) and no batches from any other states!
99% of the files in the archive relate to the DPVA/DCCC/NGP hacks/leaks previously released - it is not new information from a new hack.
The other files contain information that has previously been in the public domain (the TARP stuff was all dug up back in 2009 by the Center for Responsive Politics / OpenSecrets).
Noise made since the release has just been in relation to data that was in the DCCC trove.
The information provided to The Observer has not been validated and the screenshots shown in the article that show CF (like the invoice screenshot) are actually older documents found elsewhere and already in the public domain.
Do you really think Guccifer2.0 would be stupid and illogical enough to provide 800Mb of data that is all old crap and reveals nothing new after claiming to hack somewhere so high profile?
Do you really think Guccifer2.0 would be stuck for getting the data out when he had already used Wikileaks for that purpose previously?
Do you really think Guccifer2.0 is still Guccifer2.0 when there's been nothing conclusive released by him in relation to CF for a few days now?
I suspect we're all being played... and recommend that people do not believe what anyone tells then (including the shit I say)... just look at the CLAIM, the EVIDENCE and the STATEMENTS from the source and you should be able to see the anomalies without anyone needing to tell you what has happened.
FWIW, Buzzfeed have also contacted him and said that they noticed a difference in his linguistic patterns. - Others have found additional inconsistencies with his claims.
21 comments
26 FluentInTypo 2016-10-07
This seems pretty likely which means the website is under FBI control, collecting IPs and interactions.
15 J_P_E_Zorg 2016-10-07
One big, sweet, and sticky honeypot.
5 FluentInTypo 2016-10-07
http://www.csoonline.com/article/3128759/security/metadata-wrecks-guccifer-2-0s-claims-of-a-clinton-foundation-hack.html
9 Vitalogy0107 2016-10-07
Oh fuck...
1 ghostwr1ter 2016-10-07
rip
12 greetingearthlings 2016-10-07
I wouldn't be surprised if Guccifer 2.0 is the same guy who was just arrested by the NSA, the guy who worked for Snowden's company. I think you have a good theory here.
2 J_P_E_Zorg 2016-10-07
that's interesting!
1 lactose_intoleroni 2016-10-07
Could also explain his "This is big." statement when it happened. Maybe he knew who Guccifer 2.0 was all along.
6 TheWestMall 2016-10-07
Relevant here as well.
"We always give the public their heroes, we give the heroes to every faction and the people, once they hear this person say all the right things, we give releases to them because he or she speaks for me, that's how we rationalize it and we sit back and re-guide it again, we say go here and go do that and they do it, we give our power to the authorized heroes." Albert Pike, From his book Morals & Dogma, 1871
5 [deleted] 2016-10-07
[removed]
1 Ambiguously_Ironic 2016-10-07
Rule 10. First warning.
2 J_P_E_Zorg 2016-10-07
Nice post. I found this page right after the wikileaks announcement. It's right up your alley
5 Treebeezy 2016-10-07
Where is that from? Never seen redaction look like that before, looks like a sloppy, too good to be true, fake.
3 d3fi4nt 2016-10-07
Beyond sloppy. Not only is the redaction done in a manner that makes the supposedly redacted text still legible in parts but identities pertaining to redacted parts, that sit right next to the redacted parts - are not redacted... and if Wikileaks make announcements, why not just link straight to that?!
I agree with your conclusion and certainly wouldn't rely on that as evidence to back anything up, it would be unnecessary and would be used as a straw-man to discredit the case I've laid out regarding G2.0.
if there's a copy hosted on Wikileaks own site/servers - then we stand corrected but I very much doubt that will be forthcoming. ;)
2 J_P_E_Zorg 2016-10-07
At this point, everything we think we know is probably fake. You can almost read through the redactions. Perhaps, someone can tweak the contrast or something to read the faint text.
In the last few weeks, so many docs have been dumped, I can't remember where I found it. But I think it was the night of the Wikileaks announcement/the day before the new G2.0 leak
edit: anyone daring enough to scan the barcode thingy?
2 Ahem_Sure 2016-10-07
I have considered this.
Has anyone compared the download from Guccifer 2 blog page, and made sure it is the same as the wikileaks election package?
Also, he doesn't have to be caught. He could have just had his page seized and gov/Clinton people posted this to discredit.
I figure he isn't in this country.
1 d3fi4nt 2016-10-07
He'd have to either be in a cooperation deal or detained - it's the only way they could be sure he wouldn't call out their acquisition of his identity through other channels.
0 [deleted] 2016-10-07
[deleted]
1 d3fi4nt 2016-10-07
Inconsistencies between his claims and what he provided supposedly in support of those claims does serve to be evidence of anomalous behavior from Guccifer2.0.
The sheer volume of supposedly randomly selected files almost entirely correlating with last 3-4 hacks/leaks demonstrates that it is very unlikely the 'take' from a new breach.
His apparent lack of knowledge on how to distribute the 'other data' he has - belies the fact Guccifer2.0 had already used or at least mentioned using Wikileaks for distribution previously... it's illogical for him to express what he expressed in his latest blog post.
There's enough here to recognize that Guccifer2.0 (or whoever it is) is behaving differently since his posts in September.
1 Time2SinTime2Live 2016-10-07
I'm pretty sure Here4Popcorn is a compromised mod installed on /r/DNCLeaks
DNCLeaks at some point had some strange mod transitioning and the sub became very vanilla. Here4Popcorn was one of the mods they installed on the sub.
Careful now.
Very telling he has appeared here defending whom you say was compromised.
1 d3fi4nt 2016-10-07
Well, to be fair, it's only right I concede that this isn't what I'd call hard proof. - But I think it's unrealistic to expect an admission or concession from the FBI.
However, I think what we do have is a large volume of circumstantial evidence and a likelihood of coincidence (relating to how the files purported to be from the CF server happen to almost entirely overlap with previous hacks/leaks) of millions to one. - All of the anomalies, in aggregate, for me at least... point to only one logical explanation.
1 Time2SinTime2Live 2016-10-07
Notice he has now deleted his comment :)
2 J_P_E_Zorg 2016-10-07
that's interesting!
1 lactose_intoleroni 2016-10-07
Could also explain his "This is big." statement when it happened. Maybe he knew who Guccifer 2.0 was all along.