Skip to content
Breaking News Alert House Republicans Fail To Hold Merrick Garland In Contempt Of Congress

Emails Show Researchers Who Alleged Trump Links To Russian Alfa Bank Were Anti-Trump


“Do the f-cking alfa bank secret comms story, it is hugely important,” Fusion GPS’s Peter Fritsch pushed a media contact in the final weeks before the November 2016 general election, according to emails obtained by an open records request. “Call David Dagon at Georgia tech,” Fritsch would then insist when the Reuters News investigative reporter countered that the problem with the story was an inability to authenticate the data.

While Dagon may have been an expert in the data crunching, emails recently obtained by The Federalist from Georgia Tech reveal Dagon was something more—he was an anti-Trump, Russia-collusion conspiracy theorist.

Dagon’s name first became connected with the Alfa Bank story when Special Counsel John Durham indicted Michael Sussmann two months ago, charging the Hillary Clinton campaign lawyer with lying to FBI General Counsel James Baker.

What the Indictment Says about the Alfa Bank Story

According to the indictment, when Sussmann met with Baker on September 19, 2016, and provided the top FBI lawyer with “white papers” and data files purporting to establish a secret communications channel between the Trump organization and the now famous Russia-connected Alfa Bank, Sussmann falsely claimed he was not there on behalf of a client. In truth, though, Sussmann was working both for the Clinton campaign and an unnamed “U.S. technology industry executive,” the indictment charged.

The 27-page speaking indictment then detailed the origins of the Alfa Bank story. In July 2016, a computer researcher, using the moniker “Tea Leaves” and referred to in the Sussmann indictment as “Originator-1,” “had assembled purported DNS data reflecting apparent DNS lookups between Russian Bank-1 and an email domain, ‘” “Tea Leaves,” a business associate of Tech-Executive 1, shared her information with Tech-Executive 1 and others, with Tech-Executive 1 alerting Sussmann to the data.

According to the indictment, Tech Executive-1 later “exploited his access to non-public data at multiple Internet companies to conduct opposition research concerning Trump,” and enlisted “the assistance of researchers at a U.S.-based university who were receiving and analyzing Internet data in connection with a pending federal government cybersecurity research contract.”

The indictment further alleged that in early August 2016, “Tech Executive-1 directed and caused employees of two companies in which he had an ownership interest,” “to search and analyze their holdings of public and non-public internet data for derogatory information on Trump.” He also “tasked originator-1 and two computer researchers (‘Researcher-1’ and ‘Research-2’) who worked at a U.S.-based university (‘University-1’) to search broadly through Internet data for any information about Trump’s potential ties to Russia.” Among the data searched, the indictment alleged, was data Tech-Executive 1 had provided to Originator-1, Researcher-1, and Researcher-2.

Tech Executive 1 had provided the researchers access to that data to allow them to establish “proof of concept” for work they were seeking to perform under a government contract, which was eventually awarded in November 2016. Some of the data the university accessed from Tech-Executive 1’s internet company during this “proof of concept” stage included data the company had access to because it was a “sub-contractor in a sensitive relationship between the U.S. government and another company.”

While the data was provided to allow the researchers to protect U.S. networks from cyberattacks, according to the indictment, Originator-1, Researcher-1, and Researcher 2 also exploited the “data to assist Tech Executive-1 in his efforts to conduct research concerning Trump’s potential ties to Russia,” including the allegations about the secret communication channel between Trump’s organizations and Alfa Bank.

The Unnamed Players Go Public

Within hours of the indictment dropping in mid-September, internet sleuths began postulating on the likely names behind the numbering. By month’s end, the players went public, lawyers in hand.

The attorney for Manos Antonakakis, Mark Schamel, told The New York Times that his client, the unnamed “Researcher-1” and a computer scientist at Georgia Tech, had “provided feedback on an early draft of data that was cause for additional investigation.” Their hypothesis, “to this day, remains a plausible working theory,” Schamel, claimed.

Lawyers for Dagon confirmed to The New York Times that he was the second Georgia Tech data scientist discussed in the indictment. Dagon’s attorneys were more positive in their rejoinder, telling the Times the Alfa Bank results “have been validated and are reproducible. The findings of the researchers were true then and remain true today; reports that these findings were innocuous or a hoax are simply wrong.”

“Originator-1” is April Lorenzen, her attorney, Michael J. Connolly, confirmed. Lorenzen, the chief data scientist for Zetalytics, has “dedicated her life to the critical work of thwarting dangerous cyberattacks on our country,” Connolly intoned, adding: “Any suggestion that she engaged in wrongdoing is unequivocally false.”

And then there’s the man behind the mission: Tech Executive-1, identified as Rodney Joffe. Joffe’s lawyer, Steven A. Tyrrell, told the Times “his client had a duty to share the information with the F.B.I. and that the indictment “gratuitously presents an incomplete and misleading picture” of his role.

Emails obtained via an open records request to Georgia Tech, however, provide a picture of the politics behind the players who formulated and fed the Alfa Bank theory to Sussman, who in turn peddled it to the FBI. Some of the emails showed Joffe, Antonakakis, Dagon, and Lorenzen, or some combination of the four, merely exchanging media links of anti-Trump articles related to Trump or his team and supposed Russia connections.

But after Trump’s victory and later inauguration, the vitriol and tinfoil hattery lived loudly within emails Dagon sent.

“The Russians are killing spies with knowledge of the dossier materials,” Dagon wrote to Antonakakis in late January, linking to an article reporting of the death of a former KGB chief who allegedly helped to compile the “golden showers” dossier on Trump. Dagon then said his guess was “the purged NSC will now say that Russia has given us great intel on ISIS, and that we should lift sanctions now that Russia is helping.” “All this to protect Trump from the dossier materials,” Dagon ended his tirade.

A few minutes later, Antonakakis replied, “What the f-ck is going on? Can you please explain why GOP is not doing something?” Dagon’s response could have been a parody, but it wasn’t:

While the politics of some random researchers are their concern, when they allegedly assisted Joffe, as the indictment indicates, that made it everyone’s business. It was Joffe, however, who handed off the data to Fusion GPS and Sussmann, and Sussmann who allegedly lied to FBI General Counsel Baker.

Further, unlike Joffe, who worked hand-in-hand with Sussmann, according to Fusion GPS employee Laura Seago, who had worked on the Alfa project, she was not aware of anyone at Fusion GPS communicating with either Dagon or Antonakakis. And while she had heard Dagon’s name before, Seago first came across Antonakakis’s name in a newspaper article.

Antonakakis has not had any contact with Sussman, Marc Elias, or Fusion GPS, his lawyer Mark Schamel told The Federalist. “In this case,” Schamel added, “he reviewed a narrative presented to him by a well-known and respected researcher and provided his feedback, as he does for more than 100 unpublished research articles he receives every year.” Attorneys representing Lorenzen and Dagon did not return requests for comment.

Allegedly Sharing Non-Public Internet Data

While the charge against Sussmann concerned his alleged lie to Baker over whether he was representing anyone in sharing the Alfa Bank intel, a larger issue raised in the indictment concerns Joffe’s alleged sharing of internet company data with the researchers.

Joffe “caused employees of two companies in which he had an ownership interest to search and analyze their holdings of public and non-public internet data,” the indictment charges. Also, according to the indictment, the data Georgia Tech accessed included the “DNS data of an Executive Branch of office of the U.S. government, which Internet Company-1 had come to possess as a sub-contractor in a sensitive relationship between the U.S. government and another company.”

While the purpose of providing Georgia Tech access to that data was to enable researchers “to protect U.S. networks from cyberattacks” from July 2016 through at least February 2017, the indictment alleged, Lorenzen, Antonakakis, and Dagon “also exploited Internet Company-1’s data and other data to assist Tech Executive-1 in his efforts to conduct research concerning Trump’s potential ties to Russia,” including the Alfa-Bank allegations that Sussmann later fed the FBI.

In one email dated July 31, 2016, Antonakakis wrote Joffe with a subject line of “one more data request.” That email and all of the others provided to The Federalist by Georgia Tech used Joffe’s email address. Notably, in this email Antonakakis quipped that he was not a Joffe customer yet, in an apparent reference to the fact that the government contract under which Georgia Tech would purchase services from Joffe’s internet company had not yet been awarded.

An individual at Neustar, Steve DeJong, who was not on the original email, replied three hours later in an email with the “one more data request” subject line, saying he received the request.

Whether these emails concerned the Alfa Bank project or the proof of concept project is unknown, and neither Neustar nor De Jong responded to requests for comment.

None of the other emails expressly discussed the Alfa Bank project either, but several were nonetheless suggestive, such as an email from Antonakakis to Lorenzen with Joffe CCed, dated August 20, 2116, with the regarding line saying “mta,” which likely means “message transfer agent” or “mail transfer agent,” which is an internet email system that transfers electronic mail from one computer to another.

In the text of that email, Antonakakis wrote: “The conclusion here is that there is no conclusion.” Hours later Joffe sent an email to Antonakakis, Dagon, and Lorenzen, with “fist analysis” as the subject, likely meaning “first analysis.” “F-ck,” followed by “<sigh>” was all he said.

While it is possible these exchanges concerned the proof of concept work the researchers needed to complete for the upcoming government contract, the timing of the emails fits the Sussmann indictment’s allegations.

“On or about August 19, 2016, Researcher-1 queried internet data maintained by Internet Company-1 for the aforementioned domain,” the indictment alleged, continuing: He “then emailed Tech Executive-1 and others a list of domains that had communicated with it—none of which appeared to have links to Russia.”

Another email shows Lorenzen, on August 21, 2021, emailing Antonakakis and Dagon about establishing a Github account to serve as “a private repository for keeping the list of domains in sync.” If this work concerned the government contract for proof of concept, Lorenzen’s suggestion for a Github account seems strange.

Neither Lorenzen nor Dagon’s attorneys responded to a request for comment, but Antonakakis’ attorney unequivocally stated that Antonakakis did not use a Github account.

Another question the documents did not answer concerned whether there were any restrictions placed on the Georgia Tech researchers during the pre-contract, “proof of concept stage.” The eventual contract Georgia Tech signed limited the access, use, or disclosure of government data, but according to the indictment, Joffe and his connected companies provided the researchers access to the various data they supposedly then “exploited.”

Here, then, really, are the questions needing answers: Did Joffe improperly provide Lorenzen, Dagon, or Antonakakis access to data? If so, did they know that? Or if the data shared was properly accessed, were there any restrictions on the use or publication of that data? If so, what were they?

Aside from Sussmann’s alleged lie to the FBI, this case may be nothing more than a further expose of how the liberal media feeds a false narrative to benefit its politics of choice—but that is bad enough by itself.

Travis Miller contributed to this report.