Cybersecurity experts found evidence of suspicious communications between a Trump Organization computer and a Russian bank in the summer of 2016 — and they also noticed a link to Betsy DeVos and her family.
The researchers set out to find whether Russian hackers had also targeted Republicans after news broke about the Democratic National Committee hacks, and their investigation surprised them, reported The New Yorker.
The group found Alfa Bank computers were repeatedly looking up the address of a Trump server located in Lititz, Pennsylvania, nearly every day in the summer of 2016 — and computer scientists who examined the contacts believe they were intentional attempts at human communication.
“The timing of the communication was not random, and it wasn’t regular-periodic,” said one researcher, identified only as Paul. “It was a better match for human activity.”
Alfa Bank looked up the Trump Organization’s domain more than two thousand times more than 2,000 times between May and September 2016.
Only one other entity — Spectrum Health — reached out to the Trump Organization’s domain with any frequency during that same period.
The Grand Rapids, Michigan-based company is closely linked to the DeVos family — Richard DeVos, Jr., husband of Education Secretary Betsy DeVos, is chairman of the board and named one of its hospitals after his mother.
The education secretary’s brother, Erik Prince, has been investigated by special counsel Robert Mueller for his contacts with Russia during the election and his reported efforts to set up a back channel between President Donald Trump and the Kremlin.
The Trump Organization’s domain was set up to send mass-marketing emails, and the researchers were puzzled why Spectrum Health was reaching out to a server that didn’t appear to be doing anything.
After analyzing the data, they concluded the linkups were a covert communications channel.
The Trump Organization, Alfa Bank and Spectrum Health have repeatedly denied any contacts — but FBI agents visited the offices where that server was housed in March 2017.
The server was housed at a company called Listrak, which helped blast out emails offering spa treatments and Las Vegas weekends, and its CEO says he gave agents everything they requested.
The Trump Organization domain — mail1.trump-email.com — stopped working Sept. 23, 2016, two days after a New York Times reporter gave potential evidence of communications to BGR, a Washington lobbying firm that worked for Alfa Bank, while working on an article.
The newspaper had not yet contacted Trump or his campaign about the communications.
The researchers believe an Alfa Bank representative had contacted the Trump Organization, which shut down that domain and set up another one under a new address.
Alfa Bank servers continued searching for the Trump domain for four more days, the researchers say.
Ten minutes after the last attempt, one of Alfa Bank’s servers looked up another domain — which researchers say had been configured to lead to the old Trump Organization server.