The Pied Piper

Exclusive: The Trump-Russia scandal has been a cover-up in search of a crime… until now. This is how Trump and Russia stole the US election.

Pyotr Levashov was vacationing with his wife and son in Barcelona in early April, when Spanish police, acting on an extradition request from the US, stormed their apartment and arrested him. The arrest of the 36-year-old Russian spam king was initially reported as a civil matter. Now it is emerging as one of the most significant breaks in the US case to prove that the Trump campaign colluded with Russia to swing the 2016 election campaign.

Screen Shot 2017-05-27 at 4.17.06 PMLevashov hails from St. Petersburg, Russia’s second largest city. From there, he made a small fortune peddling stolen data he gathered through phishing expeditions and building a botnet called “Kelihos,” described in his US indictment as “a network of computers infected with a malicious software that allows a third party to control the entire computer network without the knowledge or consent of the computer owners.”

Levashov allegedly controlled and operated the Kelihos botnet to, among other things, harvest personal information and means of identification [including email addresses, usernames and logins, and passwords] from infected computers.

Levashov lived a life largely in the shadows, never meeting business associates in person and rarely talking on the phone. His preferred method of communication was via encrypted messages but his efforts at concealment may have failed him – well before his arrest and indictment by the United States this year.

During the 2012 Russian presidential election campaign which returned Vladimir Putin to the Presidency in that country, Levashov’s spam machine had pivoted from cybercrime to pursuing a political agenda – mostly at the behest of Vladimir Putin. According to the New York Times:


“The Kelihos virus, which had been devised to spread spam, was used during the Russian election in 2012 to send political messages to email accounts on computers with Russian I.P. addresses. The emails linked to fake news stories saying that Mikhail D. Prokhorov, the businessman running for president against Vladimir V. Putin, had come out as gay.”

In online cybercrime forums, Levashov is known as “Pyotr Severa” (Russian for “Peter of the North”). He is still listed among the Top 10 spammers in the world, according to spam tracking group Spamhaus. After Putin won the 2012 presidential elections in Russia, online chatter in those forums hinted Levashov had been been arrested by the FSB, Russia’s successor to the KGB, according to security and investigative journalist Brian Krebs.

At around this time, Putin and his spy agency had come up with the idea of recruiting an army of cyber criminals to open a new digital front in their espionage war against the US and other foes around the world. Their recruits had no real choice in the matter. It was either work for the FSB, or face jail time.

If the online chatter of Levashov’s arrest in 2012 was true, there was no sign of it in reality. He continued to live a lavish lifestyle, operating his cybercriminal ring online until his arrest in Spain at the request of the US Justice Department, on April 7.

While the US indictment and subsequent press reports went to great lengths to underscore “there was no national security” aspect to the arrest, a leading Spanish daily seemed to contradict that stance. El Pais trumpeted in a headline:

“Prison for Russian hacker accused of computer attacks during US elections.”

Citing FBI investigators, El Pais had confirmed sources Levashov was arrested for involvement in the hacking of DNC servers and other Kremlin operated attempts to destabilize the US Democracy.

“[Levashov participated] in a battery of computer attacks aimed at influencing the Presidential elections […] According to FBI investigators, Moscow organized an alleged hacking of Democratic Party computers, later filtering manipulated emails from Hillary Clinton and thus paving the way for Trump’s victory.”

Levashov’s wife, who was in the apartment with their son when the spam lord was arrested, told Russia Today: “I talked to my husband on the phone when I was at the police station and he told me that he was told something about a virus that he supposedly had created and that was related to Trump’s victory”.

This figure shows a snapshot of systems infected with Kelihos communicating with the sinkhole created to disable it.

Was Levashov’s arrest in Spain for a crime far more serious than even being one of the globe’s biggest spam lords? Levashov may indeed be the lynchpin in the extensive Trump-Russia cyber operation which disrupted the 2016 election – by hacking the Democratic Party servers and the election state voter rolls in Illinois and Arizona.

The data collected in those hacks – of millions of Americans private details, and control of their computers – was then laundered through a controversial server located in the Trump Tower and controlled by the Trump campaign. It’s believed this was the nexus of a massive “data-laundering” operation created by the Trump campaign to compile a database of hacked voter registration data, DNC supporters and information provided by Spectrum Health. The server made hourly check-ins with the Kremlin-aligned Alfa Bank and US-based Spectrum Health (run by Betsy DeVos’ husband, Dick). It’s worth remembering the server was under surveillance by the FBI under a Foreign Intelligence Surveillance Court warrant, so its activities are well known to investigators.

Investigators are analyzing the data, stolen by Russian hackers, to determine if it was used to create a mailing and social media list for the Trump campaign to target fake news manufactured by its allies at Breitbart, Russia Today, and Infowars.

Levashov may have worked for the FSB and Trump – but he was used to a lavish lifestyle and was by no means cheap or free. His payment may now provide investigators with their first hard clue of collusion between Russia and Trump.

Knowing what we know about the FSB’s cyber intelligence recruitment effort of known criminal hackers, it should make the Trump campaign and Vladimir Putin very nervous about what he may be telling the FBI. Investigators must also be turning their eye to Dick DeVos, who owns Spectrum Health and who also happens to be the husband of Betsy DeVos, who were both big donors to Trump’s campaign.

On Friday, new revelations emerged that Trump’s son-in-law and senior adviser Jared Kushner was seeking to establish a private back-channel communications channel with the Russians, using Russian espionage facilities, to avoid eavesdropping by the US Intelligence Community. It’s also now an open secret former National Security Adviser Michael Flynn is squealing on his ex-boss to the FBI.

The White House’s efforts to shut down the investigation, the continued revelations of far-ranging meetings between Trump and Russian officials, along with an analysis of this data is forming the framework for FBI and legislative investigations. The White House has responded with what many are terming a “war room operation” to push back against the claims. As if to underscore the urgency, the President began his Sunday of a Memorial Day weekend meeting with his lawyers.

Become a patron at Patreon!

4 thoughts on “The Pied Piper

  1. Excellent summary. This is the most detailed narrative yet, somehow touching on all these phrases we’ve become so familiar with in a broad sense, yet which you have managed to put together in an easily readable and fact-filled way. Very impressive. I hope you will consider using your fantastic storytelling skills to write a book about the biggest and most terrifying historical event yet. You have a natural voice which many will choose for the one tome which manages to tell all without losing any readers along the way.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.