FBI probing server connection between Trump Organization and Russian bank first reported in October
President Donald J. Trump at CPAC 2017 (Michael Vadon/Flickr)

The FBI and a group of computer scientists are examining whether a computer server connection exists or existed between the Trump Organization and a Russian bank, a charge originally levied—and widely dismissed—back in October 2016.


CNN reports that the FBI is continuing to look into a potential connection, as part of its ongoing investigation into Russian interference in the 2016 election, with one U.S. official telling the outlet the server relationship is “odd,” though they declined to say whether investigators consider it significant.

The story first surfaced in an Oct. 31, 2016 article published in Slate, asking, “Was a Trump server communicating with Russia?” That story—widely panned by critics, including a team of journalists writing for the Intercept, who called Slate’s reporting “dramatic”—traces “a community of malware hunters” who, after discovering that Russian hackers infiltrated the Democratic National Committee, decided to test out whether Russia was also attempting to hack the Republican National Committee and the Donald Trump campaign.

“We wanted to help defend both campaigns, because we wanted to preserve the integrity of the election,” one of the computer scientists told Slate at the time.

As Slate’s Franklin Foer reports, a scientist who goes by the pseudonym “Tea Leaves,” flagged malware coming from Russia that appeared to connect to a domain with Trump in its name. After a group of computer researchers began logging the communications, it became apparent the communication was not a malware attack, but rather “resembled the patter of human conversation.” The researchers discovered “a sustained relationship between a server registered to the Trump Organization and two servers registered to an entity called Alfa Bank.”

As CNN notes, Alfa—a Russian Bank—“looked up the address to a Trump corporate server [registered to the Trump Organization] 2,820 times—more lookups than the Trump server received from any other source.”

In a statement after the October Slate report, Alfa bank maintained that any “supposed connection between Alfa and Trump is false,” adding the “working hypothesis is that the activity … was caused by a spam attack targeting Alfa Bank by a marketing server.” The statement further suggested the activity may “have been initiated by someone for the purpose of discrediting” Trump and Alfa Bank.

But L. Jean Camp, a computer scientist at Indiana University, cast doubts on Alfa’s explanation. "If it were spam, then a lot of other organizations would be doing DNS lookups. There would be evidence of widespread connectivity with devices," Camp told CNN.

The server recently resurfaced in the same Breitbart article that prompted Trump to levy his unsubstantiated claim that former president Barack Obama wiretapped Trump Tower during the 2016 election. According to CNN, no FISA warrant has been issued for the server.

Alfa maintains that the bank had no connection to Trump or the Trump Organization, telling CNN the bank’s owners “have never met Mr. Trump nor have they or Alfa Bank had any business dealings with him.”

“Neither Alfa Bank nor its officers have sent Mr. Trump or his organization any emails, information or money,” the bank told CNN. “Alfa Bank does not have and has never had any special or exclusive internet connection with Mr. Trump or his entities."