I'm equally surprised! How does this not paint them in a bad light? From Guccifer 2.0:
"I used 0-day exploit of NGP VAN soft then I installed shell-code into the DNC server. It allowed me to intrude into DNC network. They have Windows-based domain architecture. Then I installed my Trojans on several PCs. I had to go from one PC to another every week so CrowdStrike couldn’t catch me for a long time. I know that they have cool intrusion detection system. But my heuristic algorithms are better."