
Romanian Hacker 'Guccifer' to Be Extradited to US

Taxi Driver Turned Hacker Is Serving 7-Year Prison Sentence in His Home Country

A Romanian court has ruled that the notorious hacker "Guccifer," who discovered the existence of Hillary Clinton's private email server, will be extradited to the U.S. to serve a 52-month prison sentence after he finishes serving a seven-year sentence in his home country.


Guccifer - a portmanteau of Gucci and Lucifer - was the hacker handle used by Romanian Marcel Lehel Lazar, 46, a former taxi driver who has admitted to perpetrating a string of email and social media account compromises.

Lazar's hacking spree included targeting Romanian celebrities and officials, including lawmakers and members of the state security services. He reportedly gained access to victims' Gmail, Facebook, AOL and other accounts by guessing their weak passwords.

On Monday, the Alba Iulia Court of Appeal in Romania ruled that after Lazar finishes serving a seven-year sentence for those crimes, he will be sent to the United States to serve a 52-month sentence.

Lazar, who's currently incarcerated in the Romanian city of Deva, can appeal the Romanian court's ruling.

Indicted in US in 2014

U.S. prosecutors indicted Lazar in June 2014, just after he was sentenced to prison in Romania for similar offenses.

In March 2016, Romania released Lazar early and sent him to the U.S., where he pleaded guilty in the U.S. District Court for the Eastern District of Virginia to aggravated identity theft and unauthorized access to a computer. He was sentenced to serve 52 months in federal prison.

"From at least October 2012 to January 2014, Lazar intentionally gained unauthorized access to personal email and social media accounts belonging to approximately 100 Americans, and he did so to unlawfully obtain his victims' personal information and email correspondence," the Justice Department said in a 2016 statement following Lazar's sentencing.

Lazar's victims included former Secretary of State Colin Powell as well as President George W. Bush, from whom the hacker stole and released a self-portrait Bush painted of himself in the bathtub.

Lazar also revealed that then-Democratic presidential nominee Hillary Clinton had used a private email address while serving as the U.S. secretary of state, fueling a scandal that dogged her campaign. The FBI launched an investigation, ultimately concluding that there was no evidence of wrongdoing or signs that anyone had hacked the email server.

After pleading guilty in U.S. federal court, Lazar was returned to Romania, at Romanian authorities' request, to finish serving his seven-year sentence.

The Birth of Guccifer 2.0

Guccifer shouldn't be confused with "Guccifer 2.0," a hacker that claimed to be Romanian but who apparently didn't speak the language. Guccifer 2.0 claimed credit for breaching the Democratic National Committee and dumping stolen data, including thousands of emails stolen from the personal email account of John Podesta, Clinton's 2016 presidential campaign chairman.

Last year, Lazar alleged that Guccifer 2.0 was really a U.S. government front. "I think Guccifer two-zero is something made from some guys at the State Department," he told Fox News. "Some guys from the Cyber Command of the NSA, and some guys from the Vault, Vault 7 of the CIA."

Earlier this year, however, a report surfaced that Guccifer 2.0, whose IP address had always been masked by a VPN, had failed to activate the VPN on at least one occasion, revealing an IP address that traced back to the headquarters of Russia's GRU military intelligence agency in Moscow (see Report: Guccifer 2.0 Unmasked at Last).

In July, the Justice Department indicted 12 members of the GRU, charging them with hacking into computers - and for some, with trying to hack a state election board and election software firms - as part of a disinformation campaign designed to influence the U.S. elections (see 10 Takeaways: Russian Election Interference Indictment).

"These GRU officers, in their official capacities, engaged in a sustained effort to hack into the computer networks of the Democratic Congressional Campaign Committee, the Democratic National Committee and the presidential campaign of Hillary Clinton, and released that information on the internet under the names 'DCLeaks' and 'Guccifer 2.0' and through another entity," according to the Justice Department.