
Romanian Hacker 'Guccifer' to Be Extradited to US

Taxi Driver Turned Hacker Is Serving 7-Year Prison Sentence in His Home Country

A Romanian court has ruled that the notorious hacker "Guccifer," who discovered the existence of Hillary Clinton's private email server, will be extradited to the U.S. to serve a 52-month prison sentence after he finishes serving a seven-year sentence in his home country.


Guccifer - a portmanteau of Gucci and Lucifer - was the hacker handle used by Romanian Marcel Lehel Lazar, 46, a former taxi driver who has admitted to perpetrating a string of email and social media account compromises.

Lazar's hacking spree included targeting Romanian celebrities and officials, including lawmakers and members of the state security services. He reportedly gained access to victims' Gmail, Facebook, AOL and other accounts by guessing their weak passwords.

On Monday, the Alba Iulia Court of Appeal in Romania ruled that after Lazar finishes serving a seven-year sentence for those crimes, he will be sent to the United States to serve a 52-month sentence.

Lazar, who's currently incarcerated in the Romanian city of Deva, can appeal the Romanian court's ruling.

Indicted in US in 2014

U.S. prosecutors indicted Lazar in June 2014 just after he was sentenced to serve a prison sentence in Romania for similar offenses.

In March 2016, Romania released Lazar early and sent him to the U.S., where he pleaded guilty in the U.S. District Court for the Eastern District of Virginia to aggravated identity theft and unauthorized access to a computer. He was sentenced to serve 52 months in federal prison.

"From at least October 2012 to January 2014, Lazar intentionally gained unauthorized access to personal email and social media accounts belonging to approximately 100 Americans, and he did so to unlawfully obtain his victims' personal information and email correspondence," the Justice Department said in a 2016 statement following Lazar's sentencing.

Lazar's victims included former Secretary of State Colin Powell as well as President George W. Bush, from whom the hacker stole and released a self-portrait Bush painted of himself in the bathtub.

Lazar also revealed that then-Democratic presidential nominee Hillary Clinton had used a private email address while serving as the U.S. secretary of state, fueling a scandal that dogged her campaign. The FBI launched an investigation, ultimately concluding that there was no evidence of wrongdoing or signs that anyone had hacked the email server.

After pleading guilty in U.S. federal court, Lazar was returned to Romania, at Romanian authorities' request, to finish serving his seven-year sentence.

The Birth of Guccifer 2.0

Guccifer shouldn't be confused with "Guccifer 2.0," a hacker that claimed to be Romanian but who apparently didn't speak the language. Guccifer 2.0 claimed credit for breaching the Democratic National Committee and dumping stolen data, including thousands of emails stolen from the personal email account of John Podesta, Clinton's 2016 presidential campaign chairman.

Last year, Lazar alleged that Guccifer 2.0 was really a U.S. government front. "I think Guccifer two-zero is something made from some guys at the State Department," he told Fox News. "Some guys from the Cyber Command of the NSA, and some guys from the Vault, Vault 7 of the CIA."

Earlier this year, however, a report surfaced that Guccifer 2.0, whose IP address had always been masked by a VPN, had failed to activate the VPN on at least one occasion, revealing an IP address that traced back to the headquarters of Russia's GRU military intelligence agency in Moscow (see Report: Guccifer 2.0 Unmasked at Last).

In July, the Justice Department indicted 12 members of the GRU, charging them with hacking into computers - and for some, with trying to hack a state election board and election software firms - as part of a disinformation campaign designed to influence the U.S. elections (see 10 Takeaways: Russian Election Interference Indictment).

"These GRU officers, in their official capacities, engaged in a sustained effort to hack into the computer networks of the Democratic Congressional Campaign Committee, the Democratic National Committee and the presidential campaign of Hillary Clinton, and released that information on the internet under the names 'DCLeaks' and 'Guccifer 2.0' and through another entity," according to the Justice Department.

About the Author

Mathew J. Schwartz


Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.
