August 13, 2016 • RBS

Categories: Security News

What Is DC Leaks?  

As stated from their website:

DCleaks is a new level project aimed to analyze and publish a large amount of emails from top-ranking officials and their influence agents all over the world.

Who Is Behind The DC Leaks (if you believe what they say on their website)?

The project was launched by the American hacktivists who respect and appreciate freedom of speech, human rights and government of the people.

Who Is George Soros?


George Soros as described from his own website:

George Soros has been a prominent international supporter of democratic ideals and causes for more than 30 years. His philanthropic organization, the Open Society Foundations, supports democracy and human rights in more than 100 countries.

Born in Budapest in 1930, George Soros is Chairman of Soros Fund Management LLC. As one of history’s most successful financiers, his views on investing and economic issues are widely followed.

George Soros is also known Chicago-based Clinton campaign volunteer, and donated $8 Million dollars to her campaign.

First Leak

DC Leaks in June 2016, dumped some documents from the Open Society Foundations:

Soros 2

Notice the tweet has a geolocation tag from Manhattan, NY.  This aligns with their statement they are “American hacktivists”. Right?

In the leak there were 113 files about the Open Society Foundation, which is the organization that George Soros runs.  In August, on their Twitter account they highlighted a specific part of the documents which said “Check George Soros’s OSF plans to counter Russian policy and traditional values”.

Soros 3

Open Society Foundations spokesperson Laura Silber said that they reported the breach to the Federal Bureau of Investigation in June.  She also added that an investigation by a security firm found the intrusion was limited to an intranet system used by board members, staff and foundation partners.  At this point it is unclear which security firm she is referring to that conducted the investigation.

Huge Leak

DC Leaks announced a new leak called “SOROS INTERNAL FILES – BIG DATA“.  The leak was published on August 13th and announced via their social media accounts including Facebook and Twitter.

Soros 4

Just as the leak is labeled, the data appears to be from  Soros internal systems.   The data published on the DC Leaks website as a sub domain was quickly analyzed by our RBS researchers.  

We can confirm that there are a total 2,576 files totaling 1.51GB in total which includes the following file types:

  • 1,413 PDF
  • 550 Docx
  • 225 Doc
  • 98 XLSX
  • 37 XLS
  • 20 PPT

The Soros subdomain is also broken down by the following sections:

  • USA – 967 files, 559MB
  • Europe – 651 files, 425MB
  • Eurasia – 224 files, 86.9MB
  • Asia – 26 files, 26.0 MB
  • Latin America – 84 files, 7.57 MB
  • Africa – 85 files, 38.1mb
  • World Bank – 42 files, 219 MB
  • President’s Office – 365 files, 114MB
  • SOUK – 81 files, 42.4 MB

The data itself contains a vast range of internal documents which includes scans and copies of funding reports, funding agreements, contracts and other similar internal documents.  There are also image files and rich text files as well.

Are DC Leaks Who They Say They Are?

It seems we are back to the attribution conversation yet again.  If you believe the postings on the DC Leaks website, then they are USA based activists.  This is very similar to what was saw with the Guccifer 2.0 leaks, who claimed to be Romanian, but pretty much everyone at this point agrees that Russia is behind the leaks.

The DC Leaks website has flown under the radar for the most part until now, and there hasn’t been a lot of security firms that we are aware of that has looked into the attribution and done proper research.  However, just today ThreatConnect published a detailed post that they have identified  “DC Leaks As Another Russian-backed Influence Outlet“.  

There will be more to come on this developing story for sure.

August 14th – Update published!

Our products
The Platform
Risk Based Intelligence
Learn more
Vulnerability Intelligence
Learn more
Cyber Risk Analytics
Threat Intelligence
Learn more
Risk Management
Learn more