Following the high-profile hack of the Democratic National Committee (DNC), a small group of prominent computer scientists took it upon themselves to carry out an investigation.
The New Yorker interviewed one of the group’s members, identified only as Max. Max revealed that the computer scientists concluded that if the reports at the time were true, and a Russian intelligence agency was behind the hack, then there was a reason to believe that the same hackers could also be hacking the Republican campaign.
“We were trying to protect them,” Max explained. However, shortly after embarking on the investigation, the computer scientists noticed some unusual web traffic.
Max and his team of respected computer scientists found a web domain in Lititz which was linked to the Trump Organization that was receiving a high volume of emails from a small group of foreign companies.
Among the web traffic to this domain, the New Yorker reports, was Alfa Bank, one of the largest banks in Russia. Alfa Bank communicated with the Trump-owned domain more than two thousand times between May and September of 2016.
Based on the very limited activity on the domain, and the high volume of web traffic from Alfa Bank, he concluded, “this was a covert communication channel.”
The Trump Organization and Alfa Bank have both since denied cooperating. However, this doesn’t explain the high volume of traffic from the bank of a Trump-owned domain.
Max and his group showed its findings to America’s leading computer experts at the country’s top universities. They confirmed to the New Yorker that they had independently reviewed the findings and confirmed that they are correct and, according to the New Yorker, “very difficult to fake.”
In 2016, Max attempted to share his findings and reached out to Eric Lichtblau, a journalist at the New York Times who had previously broken stories regarding NSA surveillance. Lichtblau began an investigation and spoke to several computer science experts.
Lichtblau’s conclusions corroborated Max’s, he told the New Yorker, “not only is there clearly something there but there’s clearly something that someone has gone to great lengths to conceal”, adding, “these people who should not be communicating are clearly communicating”.
As Lichtblau began writing up the story for release in the New York Times, the F.B.I. contacted him. At a meeting in September 2016 at the F.B.I. headquarters in Washington D.C., the F.B.I. asked Lichtblau to delay his article’s release.
In the months that followed, the F.B.I.’s interest in the findings faded. On September 23, the suspicious Trump-owned domain was deleted and vanished from the internet. The web traffic at this time shows Alfa Bank continued to try to reach the deleted domain. Then, four days later, the Alfa Bank traffic began communicating with another domain, which was configured to lead back to the very same Trump-owned server.
According to the New Yorker, this indicated calculated and decisive human interference. Someone within the Trump Organization closed the domain when they realized it had been compromised, then contacted Alfa Bank and provided a new domain address for contact.
Trump went on to win the election shortly after. Lichtblau left the New York Times in 2017, partly due to the way he felt the Alfa Bank story was handled.
Attorneys representing Alfa Bank have since contacted the prominent computer scientists who independently verified Max’s findings, asking for the identity of the group of computer scientists involved in the original investigation. However, their identities have not been revealed.