Skip to Content

Hacker Whose Tools Were Used in DNC Hack Steps Forward


A Ukrainian hacker called "Profexer" who built one of the tools used to penetrate the Democratic National Committee servers last year has turned himself in to authorities. According to a report today in the New York Times, the man, who first contacted Ukranian police earlier this year, claims he wrote a piece of software called the PAS Web shell, which the Department of Homeland Security has identified as malware used in the hack.

But the hacker maintains that he wasn't behind the attack, which resulted in the release of thousands of e-mails sent by DNC staffers in the thick of last year's U.S. presidential election season. “He told us he didn’t create it to be used in the way it was,” the chief of the Ukrainian Cyber Police, Serhiy Demediuk, told the Times. Because there is no evidence that he used the tool to carry out the attack, he wasn't arrested.

Profexer is now in touch with the FBI, and the big question is how the information he provides squares with the overwhelming consensus in the U.S. intelligence community that Russian operatives were behind the attack—in particular a government-run hacking group known as Fancy Bear. According to the Times report, Profexer was able to identify users involved in the DNC hack by their online handles (the full article is riveting, by the way, and also covers some of Russia's history of using Ukraine as a lab for honing its tactics in cyberattacks). 

Whether that will lead to finally unmasking members of Fancy Bear—a feat that has thus far eluded authorities and tech companies alike—remains to be seen. But it's a huge break in the case, and a striking window into the importance of cyber-operations in modern-day statecraft.