In an election season wherehas been a major issue — from Hillary Clinton’s to the , believed to be , that and the — a group of computer scientists stumbled upon evidence possibly connecting a Donald Trump mail server to a separate server belonging to Russia’s Alfa Bank. The discovery, reported by Slate, came just as the New York Times reported that the FBI found no direct link between the Trump Organization and the Russian government.
Following revelations about theover the summer, a group of computer scientists wanted to look into whether the Trump campaign had been similarly compromised by hackers.
“We wanted to help defend both campaigns, because we wanted to preserve the integrity of the election,” one of the cybersecurity experts told Slate’s Franklin Foer upon condition of anonymity due to the sensitive nature of his work.
In the act of trying to uncover any malware that might be affecting Trump servers, a scientist who asked to be referred to by the pseudonym “Tea Leaves” detected what he thought was Russian-originating malware that had the destination domain “Trump” in its name. It was a “surprising needle in a large haystack,” and Tea Leaves wrote in his notes at the time that he had “an outlier here that connects to Russia in a strange way,” Foer reports. He also verified with leading U.S. computer science academics that Tea Leaves is a well-known authority in the field, with expertise in the Domain Name System, or DNS, which governs how communications flow from one computer to another.
Tea Leaves ended up finding that the Alfa Bank, a Moscow-based financial institution whose leaders have ties to Russian President Vladimir Putin, had a server that was “irregularly pinging” a server registered to the New York-based Trump Organization.
Computer logs indicate there were thousands of digital contacts. “The logs suggested that Trump and Alfa had configured something like a digital hotline connecting the two entities, shutting out the rest of the world, and designed to obscure its own existence,” Foer writes.
So, does this indicate some kind of wrongdoing? Is thecampaign in cahoots with Russia? No, it doesn’t reveal anything so decisive. It is unknown exactly what data transferred between the two email servers.
Other cybersecurity researchers approached by Slate said they were confused and concerned by the findings. Christopher Davis of the cybersecurity firm HYAS InfoSec Inc. told Slate that he had “never seen a server set up like that.”
He added, “It looked weird, and it didn’t pass the sniff test.”
Over at The Verge, Russell Brandom is less convinced. He says the data Tea Leaves was looking at amounted to digital “lookups” from DNS records, equivalent to the proverbial phonebook of the internet (yes, phonebooks, remember those?) There were multiple pings from the Russian bank’s server to mail1.trump-email.com, but the back-and-forth traffic may have resulted from “some combination of marketing and spam.”
“A server replying to a ping with an error message isn’t unusual,” Brandom writes. “Having such a majority of DNS queries come from a single source is more unusual, but there are lots of explanations that don’t involve espionage.”
Of course, these new questions come at a time when suspicions are already heightened about Russian interference in the campaign,and his former campaign manager .
That being said, the New York Times reported late Monday that theRussia’s potential meddling in the U.S. election and found no direct link to Donald Trump.
The FBI looked directly at the Trump campaign as well as Paul Manafort’s business ties. Sources told the Times that “apparent connections between some of Trump’s aides and Moscow originally compelled them to open a broad investigation.”
But according to the latest report, no clear evidence of wrongdoing was found.
And Trump has been emphatic in denying any ties to Russia or Putin. Back in July,: “I have nothing to do with Russia.”