Trump Organisation under further FBI investigation for link to Russian bank

Computer scientist who leaked 'odd' connection said to have 'gone to ground'

Click to follow

The FBI is reportedly continuing its investigation into an alleged computer link between a Russian bank and the The Trump Organization, US officials have said.

Officers from the bureau and computer scientists are looking at whether there was any meaningful communication between Russian bank, Alfa, and Mr Trump’s business last year, sources told CNN.  

Questions about a meaningful link were widely dismissed by Mr Trump's team, but the investigation is in the hands of the same counterintelligence team which is looking into a suspected Russian hacking during the US Presidential election.

Leaked internet data shows that during the election campaign, a computer server owned by Alfa repeatedly looked up contact details for a computer server being used by The Trump Organization.

Between 4 May and 23 September last year, there were a total of 2,820 inquiries by the Alfa-owned server, representing 80 per cent of the searches for a particular server – mail1.trump-email.com.

Publicly available internet records show the server, registered to The Trump Organization, points to an IP address operated by a company in the tiny rural town of Lititz, Pennsylvania.

While there is no obvious impropriety in this, it has been described as “odd” by those looking into the case, with computer scientists explaining it would normally suggest an intention to communicate.

Computer researcher, Richard Clayton of Cambridge University, who has independently examined the evidence, said: “It's not so much a smoking gun as a faint whiff of smoke a long way away. Maybe there's something else going on. It's hard to tell.”

An anonymous IT expert known only as “Tea Leaves” who had access to the supposedly private technical information was sufficiently alarmed by it to pass it onto a group of computer scientists.

This group then passed the data to American media, including CNN and The New York Times.

Alfa Bank has said the most likely explanation is that the server communication was the result of spam marketing from the Trump Organisation as its executives have stayed at Trump hotels. Such marketing emails might have set off defensive cybersecurity measures at the bank, whose servers would respond with a reverse domain name server lookup.

Computer scientists agree that such an explanation is possible in theory, but say they want to see evidence – but some of those who originally examined the data are said to have gone to ground.

CNN reports that "Tea Leaves" now refuses to be interviewed through an intermediary.

Comments