Profile picture
The_War_Economy @The_War_Economy
, 25 tweets, 14 min read Read on Twitter
On August 29, 2016, Michael Isikoff published the article "FBI says foreign hackers penetrated state election systems" in Yahoo! News.

yahoo.com/news/fbi-says-…
The article written by Isikoff briefly details the efforts Secretary Jeh Johnson went to in order to speak with numerous electoral bodies, warning them of potential cyberattacks on August 15, 2016. This has been discussed by myself previously.

On August 18, 2016, the Federal Bureau of Investigation's Cyber Division issued a warning titled "Targeting Activity Against State Board of Election Systems", labelled for "NEED TO KNOW recipients". They disclosed cyberintrusions into two state election websites.
The cyberintrusions were allegedly into the Arizona and Illinois voter registration systems. Hackers lifted the personal data of 200,000 state voters in Illinois, but failed to do so in Arizona. This happened in late July 2016.

yahoo.com/news/fbi-says-…
The alert which was issued on August 18, 2016 was received by Yahoo! News, which was then reviewed by Rich Barger, the Chief Intelligence Officer at ThreatConnect.

yahoo.com/news/fbi-says-…
ThreatConnect partnered with CrowdStrike Services on April 14, 2015.

On September 2, 2016, ThreatConnect published a post on their website titled "Can a BEAR Fit Down a Rabbit Hole?", which dealt with the state election boards hacking and a spearphishing campaign against Turkish and Ukrainian Governments.

threatconnect.com/blog/state-boa…
ThreatConnect, viewing the FBI's list of IP addresses associated with the hacks, concluded that six of eight of them belonged to a Russian hosting service called King Servers.

King Servers' domain is registered to Vladimir Fomenko from Biysk, Russia.

threatconnect.com/blog/state-boa…
Vladimir Fomenko is listed as the Chief Executive Officer of King Servers.

He studied at Altai Polytechnic College from 2004 to 2009, and studied at 8 School from 1996 to 2004.

linkedin.com/in/vladimir-fo…
On September 27, 2016, Andrew E. Kramer published the article "A Voice Cuts Through, and Adds to, the Intrigue of Russia's Cyberattacks" in The New York Times. The article is about Vladimir Fomenko.

nytimes.com/2016/09/28/wor…
Vladimir Fomenko suggested at the time that he had information available in relation to Russian hacking, but said he had not been contacted, and that he was open to discussing the IP addresses with the Federal Bureau of Investigation.

nytimes.com/2016/09/28/wor…
The servers under King Servers were located in Dronten, the Netherlands and other locations, while Fomenko owns servers in Fremont, CA, Garden City, NY and Moscow, Russia.

nytimes.com/2016/09/28/wor…
According to ThreatConnect, the hackers' spearphishing campaign was used against officials in Turkey, Germany and Ukraine, where the e-mails mimicked either Gmail security warnings or notes from LinkedIn.

nytimes.com/2016/09/28/wor…
While the e-mails were sent to the Justice and Development Party in Turkey, the German Freedom Party in Germany, and the Ukrainian Parliament, one King Servers address used Tor for the Illinois and Arizona electoral board hacks.

nytimes.com/2016/09/28/wor…
King Servers itself was founded by Vladimir Fomenko in 2008.

nytimes.com/2016/09/28/wor…
On September 15, 2016, Vladimir Fomenko closed down the two servers that were accused of involvement in the hacking of the Arizona and Illinois voting systems. Fomenko denied any Russian intelligence agency involvement in the server use.

nytimes.com/2016/09/28/wor…
Fomenko said he had not been contacted by any law enforcement agency, including Russian. He said the client who used the servers left a trail and he had a total of 60 IP addresses available, connecting Britain, Finland, France, Italy, Norway and Sweden, offering the FBI the info.
This is a copy of the Federal Bureau of Investigation's Amber Flash in relation to the election systems cyberattack threats, listening the IP addresses.

"Targeting Activity Against State Board of Election Systems".

thefreethoughtproject.com/wp-content/upl…
The attempted hack into Arizona's Gila County voter registration system occurred in late June 2016.

mcclatchydc.com/news/politics-…
Vladimir Fomenko is Facebook friends with Pavel Vrublevsky, who publicly accused Sergei Mikhailov of leaking details of Russian hacking capabilities to United States intelligence agencies.

mcclatchydc.com/news/politics-…

worldview.stratfor.com/article/making…
Vladimir Fomenko attended high school in Kirovograd, Ukraine and university in Aktobe, Kaszakhstan. His Facebook friend list features Russian millennials and Western reporters.

mcclatchydc.com/news/politics-…
King Servers BV in the Netherlands was registered on May 12, 2016 by Nataliia Lysenko, a Ukrainian bookkeeper, while Pavlo Victorovych Zinkovskyi and Vladimir Fomenko acted as 50-50 equity partners.

mcclatchydc.com/news/politics-…
Pavlo Zinkovskyi arrived in New York on October 15, 2015, with his visa expiring in April 2016, when he then left Los Angeles on May 6, 2016.

mcclatchydc.com/news/politics-…
Fomenko attested to McClatchy that it was he who reached out to The New York Times to speak with Andrew Kramer and discuss his involvement after he saw the report by the Federal Bureau of Investigation.

mcclatchydc.com/news/politics-…
Fomenko also insisted to McClatchy that no United States investigators had contacted him.

mcclatchydc.com/news/politics-…
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to The_War_Economy
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!