In early August, Chris Vickery, the director of risk research at the cybersecurity firm UpGuard, was browsing GitHub, an open-source software repository, for references to Cambridge Analytica. Vickery, in March of 2018, had discovered that an obscure Canadian data firm called Aggregate IQ had developed election software that Cambridge Analytica sold to political campaigns—most notably Donald Trump’s. In that case, Vickery found hundreds of pages of code. His August find was less substantial: a read.me file, written in plain English, that said, “Useful, revenue-producing data applications that Cambridge Analytica won’t suggest to you.” Its author, a California-based political operative named Ron Robinson, claimed to have worked on nearly a hundred campaigns, including efforts for Mitch McConnell, Joe (the Plumber) Wurzelbacher, and Newt Gingrich. His post, which went on to say that the actual code has been removed “for NDA privacy,” was hashtagged “#Social Engineering”, “#MAGA,” and “#Hacks.”

After some more digging, Vickery found a series of advertisements, posted by Robinson, selling what he was calling “subpoena resistant” e-mail accounts with the domain name NSAmail.us. Robinson was also offering a second e-mail service, with the domain name innoc.us, for “those who don’t want to taunt the NSA every time they send an email.” The accounts, which were intended to be beyond the reach of U.S. law enforcement, had been hosted in Russia by a company called Mir Telematiki. (In fact, the National Security Agency had been surveilling Mir Telematiki’s servers since 2009.) Coincidentally, perhaps, this was the same hosting service used by WikiLeaks. On August 16th, Vickery contacted the F.B.I. “I have reason to believe that [Robinson] provided email and other online services to US political campaigns, political action committees, and related entities through servers physically located in Moscow, Russia,” Vickery wrote on the F.B.I.’s online tip portal. “It is reasonable to assume [he] knew, or should have known, the in-depth level of access Russian intelligence agencies would have to emails, files, and other data passing through servers located in Moscow.” (Robinson declined to comment for this story.)

On social media, the unmasking of Robinson quickly fed various conspiracy theories, some elaborate, some prosaic. But all of them included a suggestion that Ron Robinson was, in the words of one of Vickery’s Twitter followers, “a Kremlin asset.” All of the dots seemed to connect. Robinson, a Tea Party activist, is Facebook friends with Rhonda Rohrabacher, who is the wife of former Representative Dana Rohrabacher, popularly known as Putin’s favorite congressman. Robinson was also connected on Facebook to David Bossie, Trump’s deputy campaign manager, in 2016, as well as to a number of other prominent right-wing power brokers, including Ned Ryun, the founder and C.E.O. of American Majority, an organization that trains “liberty-minded” candidates and activists. In addition to offering “subpoena resistant” e-mails, he had been recommending that his clients forgo Google for Yandex, the Russian e-mail and search-engine company, because “it is much harder to subpoena from a foreign entity.” “Don’t ever change, Yandex,” Robinson wrote, in June, in a Facebook post that also tagged two California Tea Party officials. “Some of us trust you more than we trust certain agencies on this side of the pond. Thanks for keeping our stuff safe. We knew we made the right choice.”

There was more. Vickery discovered that Robinson had uploaded a screen shot of his digital-activist-training work files, which included mentions of a popular hacking tool called Metasploit, as well as a cryptocurrency tracker. (Cryptocurrency can be an untraceable way to move money.) Screenshots taken by Vickery showed that Robinson had provided e-mail services for the National Draft Ben Carson for President Committee, leading Vickery to wonder if those services—or the ones he provided for numerous down-ballot Tea Party and Republican candidates—were being routed through or stored in Russia. (McConnell’s campaign, for its part, said that Robinson “doesn’t work for us.”) As Twitter sleuths mined the Internet for other nuggets of evidence proving that Robinson, a computer programmer in his sixties with an affection for guns and an abiding distrust of the government, was working for the Russians, they seemed to have missed the central irony: Robinson was promoting Yandex and other offshore services because, he said in a YouTube video from April, 2018, “I’m a conservative and we know that conservatives are under attack from all directions online.”