Last year, a small group of computer scientists obtained internet traffic records from the complex system that serves as the internet’s phone book. Access to these records is reserved for highly trusted cybersecurity firms and companies that provide this lookup service.
These signals were captured as they traveled along the internet’s Domain Name System (DNS).
These leaked records show that Alfa Bank servers repeatedly looked up the unique internet address of a particular Trump Organization computer server in the United States.
In the computer world, it’s the equivalent of looking up someone’s phone number — over and over again. While there isn’t necessarily a phone call, it usually indicates an intention to communicate, according to several computer scientists.
What puzzled them was why a Russian bank was repeatedly looking up the contact information for mail1.trump-email.com.
Publicly available internet records show that address, which was registered to the Trump Organization, points to an IP address that lives on an otherwise dull machine operated by a company in the tiny rural town of Lititz, Pennsylvania.
From May 4 until September 23, the Russian bank looked up the address to this Trump corporate server 2,820 times — more lookups than the Trump server received from any other source.
As noted, Alfa Bank alone represents 80% of the lookups, according to these leaked internet records.
Far back in second place, with 714 such lookups, was a company called Spectrum Health.
Spectrum is a medical facility chain led by Dick DeVos, the husband of Betsy DeVos, who was appointed by Trump as U.S. education secretary.
Together, Alfa and Spectrum accounted for 99% of the lookups.
This server behavior alarmed one computer expert who had privileged access to this technical information last year. That person, who remains anonymous and goes by the moniker “Tea Leaves,” obtained this information from internet traffic meant to remain private. It is unclear where Tea Leaves worked or how Tea Leaves obtained access to the information.
Tea Leaves gave that data to a small band of computer scientists who joined forces to examine it, several members of that group told CNN, which has also reviewed the data.