Pundits and governments just might have given Russia too much credit, he says, when a whole system of manipulating people’s perception and psychology was engineered and operated from within the US.
Through extensive efforts, he built a secret network of self-reinforcing sites from the ground up. He devised a strategy that got prominent personalities—including Trump—to retweet misleading claims to their followers. And he fooled unwary American citizens, including the hacker’s own father, into regarding fake news sources more highly than the mainstream media.
“Russia played such a minor role that they weren’t even a blip on the radar,” the hacker told me recently. “This was normal for politicians, though… if you say a lie enough times, everyone will believe it.”
A note on sourcing: In a rigorous effort to fact-check the claims made here, Ars has seen written correspondence between the hacker and notable entities involved in producing fake news; emails sent to him by prominent personalities publicly known to own (or be associated with) fake news sites; tax forms showing income received by him from fake-news generation companies; receipts for IT asset purchases, such as domain names; emails from him to staff explaining strategy and assigning them tasks on a regular basis; and archived copies of webpages, forums, and tweets produced as a part of this large operation. We have also communicated with sources, both named and unnamed, some of whom are “writers” who worked at the same company and have corroborated the hacker’s claims.
Previously dubbed “Hacker X,” he’s now ready to reveal who he is—and how he did it.
The fake news impresario who has now decided to break his silence is “ethical hacker” Robert Willis.
Some in the information security community might know “Rob” today as an active member who speaks at conferences and works with the Sakura Samurai ethical hacking group. (The Sakura Samurai have, on many occasions, responsibly disclosed vulnerabilities in the computer systems of government and private entities. I have previously interacted with Rob on about two occasions, minimally, when I had questions regarding Sakura Samurai’s vulnerability writeups.)
But back in 2015, Willis was just another hacker looking for an IT job. He had already received one job offer—but still had an interview scheduled at one final company. “I was thinking of not showing up to the interview,” he told me. “I had, after all, just committed to another company.”
That final company was opaque—it would not reveal either its name or the actual job duties until Willis showed up in person. But the opacity was itself intriguing. Willis decided to do the interview. “I showed up at the location, which was a large corporate building. I was given directions to wait downstairs until I was collected. The secretiveness was intriguing. It may have turned some people off, but I love an adventure. I had not been given any information on the job other than that they were very excited, because to find someone like me was very rare—I had tons of random, overlapping, highly technical skills from years of wearing multiple hats at smaller private companies.”