DC Leaks includes a small “portfolio” of roughly 300 emails from Republican targets, including purported emails from the campaign staffs for Sen. John McCain and Lindsey Graham. | AP Photo Suspected Russian DNC hackers also hit GOP, researchers say

Hackers linked to Russian intelligence services may have targeted some prominent Republican lawmakers, in addition to their well-publicized spying on Democrats, based on research into leaked emails published on a little-noticed website.

The site, DC Leaks, launched in June but started getting new attention in recent days, when researchers said they had uncovered ties between the site and suspected Moscow-backed hackers. Those are the same hackers whom researchers have blamed for previous digital break-ins at the Democratic National Committee and the Democratic Congressional Campaign Committee.


“We believe DC Leaks is another Russian-backed influence outlet,” digital security firm ThreatConnect said in a Friday blog post.

The site’s content is heavily weighted toward Democratic targets, including data dumps from a former top NATO general, major Democratic fundraiser George Soros and a prominent Clinton campaign volunteer.

But the site also includes a small “portfolio” of roughly 300 emails from Republican targets, including purported emails from the campaign staffs for Sen. John McCain, a 2008 presidential hopeful, and Lindsey Graham, who briefly ran for president during this cycle. Both lawmakers are stalwart critics of Russian President Vladimir Putin. Also included in the dump are emails from 2012 GOP presidential candidate Michele Bachmann and party officials in several states.

If the hackers were indeed targeting high-level politicians from both major parties, that may complicate Hillary Clinton supporters’ narrative that Putin’s regime is trying to put Donald Trump in the White House.

But the presence of GOP-affiliated emails could also be part of a disinformation campaign meant to make the site seem nonpartisan, cautioned Toni Gidwani, director of research operations at ThreatConnect, in an interview with POLITICO.

Exposing both parties could “bolster the credibility of DC Leaks as a hacktivist outlet,” she said.

None of the Republicans named in the DC Leaks portfolio immediately responded to requests for comment. Email leaks do not necessarily mean that hackers have breached the GOP officials who appear on DC Leaks.

ThreatConnect said Friday that the digital forensics and circumstantial evidence surrounding DC Leaks pointed to Russia’s involvement.

“Guilt by association,” Gidwani explained.

DC Leaks’ registration and hosting information aligns with practices of the hacking group blamed for the DNC and DCCC intrusions. Researchers say the group, which they dub “Fancy Bear,” has longstanding ties to Russia’s military intelligence agency, known as the GRU.

The site also includes leaked emails from people whose accounts were breached using digital schemes that were “almost by-the-book, a known Fancy Bear attack pattern,” Gidwani said.

Others who appear on the site, such as the NATO general, have been central to American foreign policy in Russia.

And on Friday, the tabloid news site The Smoking Gun — which regularly reports on and posts leaked documents, legal filings and mugshots — reported it had connected the site to “Guccifer 2.0,” the mysterious hacker who took credit for the DNC intrusion and is thought to be a Russian cover-up operation.

ThreatConnect reviewed the exchanges between Guccifer 2.0 and The Smoking Gun, concluding that Guccifer 2.0 was intricately linked, behind the scenes, to DC Leaks.

Guccifer 2.0 was able to provide The Smoking Gun’s reporters with exclusive login information to view protected DC Leaks information, including alleged emails from a Clinton campaign volunteer named Sarah Hamilton. Yet the Guccifer 2.0 persona never publicly mentioned DC Leaks.

After examining these digital exchanges, ThreatConnect concluded, “We assess that DC Leaks is another Russian influence operation, possibly put on by the same Russian actors behind the Guccifer 2.0 persona.”

DC Leaks’ content has not had nearly the same impact as the leak of 20,000 hacked DNC emails that appeared on the site WikiLeaks just before the Democrats’ convention in July. That dump — which showed evidence of favoritism toward Clinton over insurgent presidential candidate Sen. Bernie Sanders — forced the resignation of Chairwoman Debbie Wasserman Schultz. Several other top staffers were ousted shortly after.

Subsequent revelations disclosed that breaches had also affected the DCCC, Clinton’s campaign and more than 100 other email accounts for Democratic-affiliated officials and organizations. That has led to a pervasive fear among progressives that the entire Democratic political apparatus is in the crosshairs of Russian hackers.

“Everybody is very prepared to respond to the release of any new email hacks,” Brad Bannon, a D.C.-based Democratic strategist, told POLITICO on Thursday. “A lot of people are very concerned and are going to be very careful.”

Over at DC Leaks, however, the trove of exposed information went overlooked for more than two months.

Yet the growing belief that Russia is behind the site is causing a reexamination of the material — and of Moscow’s motives.

The heightened attention may also cause some Republicans to fear becoming targets of Russia’s digital wrath.

Personal emails from retired U.S. Gen. Philip Breedlove — formerly the top military commander at NATO — have already started to cause a stir. As first reported by the Intercept in July, Breedlove expressed concerns that the Obama administration wasn’t adequately committed to European security.

“I do not see this WH really ’engaged’ by working with Europe/NATO,” he wrote in one message that appeared on DC Leaks.

An initial scan by POLITICO of the Republican-linked emails did not uncover any bombshell revelations. Samples of messages included a job application for McCain’s 2016 reelection campaign, an invitation for Graham to give a speech at an industry conference and numerous news releases.

“DC Leaks provides Russia with another platform that they can use to hide their hand and conduct influence operations in the U.S.,” ThreatConnect said in its blog post. “Such operations may ultimately help Russia sway public opinion or media coverage in a way that benefits Moscow.”