A specialist in cybersecurity told the Wall Street Journal that digital fingerprints left behind by a hacker on emails and documents belonging to new French President Emmanuel Macron’s En Marche party show ties to the Kremlin.

According to Selahaddin Karatas, CEO of the San Francisco-based cybersecurity company SAASPASS, a deep look into caches of hacked records shows evidence that an employee who once worked with Russian internet firm Evrika was involved.

ADVERTISEMENT

Karatas noted that the man, who he did not identify, appeared nine times as the last person to have modified some of the files — although there is a question whether the man still works with the firm.

The security experts said it was unusual for someone with that level of skill to digital fingerprints behind.

“This is a schoolboy error and looks very strange to see it coming from someone who works at a government contractor. Attribution and provenance are hard to pinpoint, and it’s very easy to create fake trails to throw people of from those who may really be working with the data,” Karatas explained.

Karatas went on to note that Evrika does not appear, nor is it mentioned, in the metadata he has seen.

According to the Wall Street Journal, Evrika has offices in Moscow, St. Petersburg and Kursk, and the company has previously provided services for Russia’s Defense Ministry and the Federal Security Service, or FSB — Russia’s intelligence service.

ADVERTISEMENT

On Friday, Kremlin spokesman Dmitry Peskov denied Putin’s government had anything to do with the hacking of En Marche, saying accusations “mean nothing in and of themselves and are pure slander.”

The hacking of the French party mirrors Russian involvement in accessing computer servers at the Democratic National Committee prior to the 2016 election, with US intelligence officials believing the Russians attempted to influence the election in favor of now-President Donald Trump.