Is hacker Marcel Lazar Lehel, is Guccifer, but is he also Guccifer 2.0? Is he from Romania? Was he working alone?  Reports say digital footprints reveal that Guccifer 2.0 works for Russian Military Intelligence

Top drawer hacker Marcel Lazar Lehel, when he was arrested in 2014 claimed he was from Romania and had worked alone with the handle  “Guccifer 2.0”,  who stole Democratic National Committee emails during the 2016 presidential election.
Curiously Lehel was arrested in 2014 and has been serving time in a Romanian jail, subsequent to extradition to the US after serving out his time.
So who is  ‘Guccifer 2.0’? The name behind the hacking that changed the landscape of the 2016 presidential campaign.
Daily beast says the real Guccifer 2.0 is a pseudonym of was a Russian intelligence agent. –  ‘Guccifer 2.0, the ‘lone hacker’ who stole Democratic National Committee emails during the 2016 presidential election, was a Russian intelligence agent’, the publication reports.
The unnamed officer claimed to be a lone Romanian hacker, but was instead working for a military intelligence agency in Russia known as GRU, The Daily Beast reported.
The report says US investigators were able to trace the person’s identity when they failed to activate the VPN client before logging on.
Russian media, identified Romanian hacker Marcel Lazar Lehel, as ‘Guccifer,’  and the  ‘lone hacker’, who exposed Hillary Clinton’s use of a private email server.
At the time of his arrest Lehel said the ongoing barrage of accusations by politicians in the US who claim that Russia “hacked the US election” is part of a “fake cyber war.”
In a series of interviews with Fox News, Lazar attributed Russian hacking accusations to Cold War sentiments: “Americans are crazy about the Russian thing and that Russians are invading the United States,” Lazar said.
Lehel, spoke to Fox News from a Romanian prison, where he is serving a sentence for cybercrimes. After serving his sentence in Romania, he is to be extradited to the US, where he will also spend time in jail.
Arrested in 2014, Guccifer claimed to have hacked Clinton’s email server while in US custody. He also claimed responsibility for breaching computer networks of a number of celebrities and officials in Romania and the US. According to his statements, he found emails sent to Clinton’s private clintonemail.com address in one hack, and shared his discovery with the public – a claim that was never publicly confirmed by the FBI.
The sequence becomes relevant to the question, who or what is the re-incarnation Guccifer 2.0?
That forensic determination has substantial implications now that the special counsel in Robert Mueller, who is investigating possible Russian meddling in the 2016 presidential elections, has taken over the probe into Guccifer and brought the FBI agents who worked to track the persona onto his team.
The general belief is that the attribution of Guccifer 2.0 as an officer of Russia’s largest foreign intelligence agency would cross the Kremlin threshold—and move the investigation closer to the president’s personal nexus with the case, “The attribution of Guccifer 2.0 as an officer of Russia’s largest foreign intelligence agency brings the investigation closer to the Kremlin’s doorstep—and to Trump himself,” according to a source.
Daily Beast reports that Trump’s longtime political adviser Roger Stone after admitting being in touch with Guccifer over Twitter’s direct messaging service,  as far back as August 2016,  published an article on the Steve Bannon led, pro-Trump publication, Breitbart News postulating that: “It doesn’t seem to be the Russians that hacked the DNC, but instead a hacker who goes by the name of Guccifer 2.0.”
However, just five months later, the CIA, NSA, and FBI all assessed “with high confidence” that “Russian military intelligence, otherwise known as GRU), used the Guccifer 2.0 persona and one other – DCLeaks.com – to release US victim data.
The catch is that the assessment did not directly identify the handle ‘Guccifer’ as belonging to a Russian intelligence officer. Nor did it provide any evidence for its assertions.
This report now exposes the powerful reason to connect Guccifer to the GRU.
The related sequence of events is that Guccifer 2.0 came into existence on June 15, 2016, hours after a report by a computer security firm forensically tied Russia to an intrusion at the Democratic National Committee.
The agencies noted that In a series of blog posts and tweets over the following seven months, the Guccifer persona published a smattering of the DNC documents while gamely projecting an image as an independent Romanian hacktivist who’d breached the DNC on a lark. As Stone’s Breitbart piece demonstrated, Guccifer provided Moscow with a counter-narrative for the election interference. Oddly, the disinformation campaign ceased completely right as Trump took office.
Guccifer hid behind the firewall of  a “lone hacker” who perpetrated the digital DNC break-in. Most analysts from the outset, were skeptical of the explanation. Motherboard conducted a devastating interview with Guccifer that exploded the account’s claims of being a native Romanian speaker.
Based on forensic clues in some of Guccifer’s leaks, and other evidence, a consensus quickly formed among security experts that Guccifer was completely notional.
“Almost immediately various cyber security companies and individuals were skeptical of Guccifer 2.0 and the backstory that he had generated for himself,” said Kyle Ehmke, an intelligence researcher at the cyber security firm ThreatConnect: “We started seeing these inconsistencies that led back to the idea that he was created hastily… by the individual or individuals that affected the DNC compromise.”
Skepticism aside, tracking the link proved quite elusive. Metadata in his emails always ended at the same data center in France. It was eventually discovered that Guccifer was connecting through an anonymizing service called Elite VPN, a virtual private networking service that had an exit point in France but was domiciled in Russia.