The Conspirators spearphished individuals affiliated with the Clinton Campaign
throughout the summer of 2016. For example, on or about July 27, 2016, the Conspirators
attempted after hours to spearphish for the first time email accounts at a domain hosted by a thirdparty
provider and used by Clintonâs personal office. At or around the same time, they also
targeted seventy-six email addresses at the domain for the Clinton Campaign.
Hacking into the DCCC Network
23. Beginning in or around March 2016, the Conspirators, in addition to their spearphishing
efforts, researched the DCCC and DNC computer networks to identify technical specifications and
vulnerabilities.
a. For example, beginning on or about March 15, 2016, YERMAKOV ran a technical
query for the DNCâs internet protocol configurations to identify connected devices.
b. On or about the same day, YERMAKOV searched for open-source information
about the DNC network, the Democratic Party, and Hillary Clinton.
c. On or about April 7, 2016, YERMAKOV ran a technical query for the DCCCâs
internet protocol configurations to identify connected devices.
24. By in or around April 2016, within days of YERMAKOVâs searches regarding the DCCC,
the Conspirators hacked into the DCCC computer network. Once they gained access, they
installed and managed different types of malware to explore the DCCC network and steal data.
a. On or about April 12, 2016, the Conspirators used the stolen credentials of a DCCC
Employee (âDCCC Employee 1â) to access the DCCC network. DCCC
Employee 1 had received a spearphishing email from the Conspirators on or about
April 6, 2016, and entered her password after clicking on the link.
b. Between in or around April 2016 and June 2016, the Conspirators installed multiple
versions of their X-Agent malware on at least ten DCCC computers, which allowed
them to monitor individual employeesâ computer activity, steal passwords, and
maintain access to the DCCC network.
c. X-Agent malware implanted on the DCCC network transmitted information from
the victimsâ computers to a GRU-leased server located in Arizona. The
Conspirators referred to this server as their âAMSâ panel. KOZACHEK,
MALYSHEV, and their co-conspirators logged into the AMS panel to use
X-Agentâs keylog and screenshot functions in the course of monitoring and
surveilling activity on the DCCC computers. The keylog function allowed the
Conspirators to capture keystrokes entered by DCCC employees. The screenshot
function allowed the Conspirators to take pictures of the DCCC employeesâ
computer screens.
d. For example, on or about April 14, 2016, the Conspirators repeatedly activated
X-Agentâs keylog and screenshot functions to surveil DCCC Employee 1âs
computer activity over the course of eight hours. During that time, the Conspirators
captured DCCC Employee 1âs communications with co-workers and the passwords
she entered while working on fundraising and voter outreach projects. Similarly,
on or about April 22, 2016, the Conspirators activated X-Agentâs keylog and
screenshot functions to capture the discussions of another DCCC Employee
(âDCCC Employee 2â) about the DCCCâs finances, as well as her individual
banking information and other personal topics.
As long as his presidency is better than hers would have been, Iâm going be happy. Itâs not like there hasnât been scandals before. What do you think, that America is so innocent?
"This stand wasnât because I feel like Iâm being put down in any kind of way. This is because Iâm seeing things happen to people that donât have a voice: people that donât have a platform to talk and have their voices heard and affect change. So Iâm in the position where I can do that, and Iâm going to do that for people that canât."
Colin Kaepernick
â
"I hold both countries responsible. I think that the United States has been foolish. I think weâve all been foolish. ⌠And I think weâre all to blame."