Share this page!

Kim Zetter Profile picture
Twitter logo
Sep 21, 2018 4 tweets 2 min read
For months, ES&S refused to tell me or @RonWyden how many of its customers had remote-access software pcAnywhere installed on their election-management systems. ES&S would only say "a small number” Today, NPR reports ES&S has finally revealed 300 jurisdictions had it installed.
ES&S told NPR that the software was never installed on machines that tabulate votes. But that's exactly what election-manage systems do -- they tabulate the aggregated votes collected from voting machines.
Here is my original story about this: motherboard.vice.com/en_us/article/…

And here's the NPR piece today:
npr.org/2018/09/21/649…
In original NYTmag story I wrote, ES&S told me it had "never" installed remote-access software on any election-management system. Then it told Wyden the software was installed on only small number of customers. Now number of customers is revealed to be 300 nytimes.com/2018/02/21/mag…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Kim Zetter

Kim Zetter Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @KimZetter

Kim Zetter Profile picture
Feb 4
Investigators w/ @TalosSecurity say they've traced email addresses used in WhisperGate attack to misinfo campaigns in 2020 and to FancyBear misinfo campaigns in 2016 and 2017 and a person named Boris Rozhin. But they also caution about conclusions. blog.talosintelligence.com/2022/01/ukrain…
Unfortunately, the writeup is very confusing (at least to me!). Cisco notes that the email addresses were in the public domain and could have been simply adopted by the WhisperGate attackers. See next tweets for relevant portions from report, which may be more clear to you.
Image
Read 6 tweets
Kim Zetter Profile picture
Jan 14
Sources tell me ~15 sites in Ukraine - all using October content management system - have been defaced, incl Min of Foreign Affairs, Cabinet of Ministers, Min of Ed, Emergency Services, Treasury, Environmental Protection. Attackers apparently used this: cvedetails.com/cve/CVE-2021-3…
Screenshot in my previous tweet is Ministry of Foreign Affairs site. Site is currently down, but @ChristopherJM grabbed screenshot before it went down. In addition to defacements, Min of Veterans has been hit with DDoS campaign sources tell me.
There's currently no indication that the attacks went beyond defacement and DDoS, but it's too early to say.
Read 8 tweets
Kim Zetter Profile picture
Dec 20, 2021
Re-watching Matrix trilogy in advance of new release, noticed recurrence of steak in films. There’s famous Cypher steak scene in 1st film, but also at end of credits it says password for Matrix site is “steak,” and billboard in Matrix Reloaded says “Steak!” in giant letters.
When I Googled for info about recurring steak theme, I came across recent interview w/ Joe Pantoliano (Cypher) talking about how Keanu fought to keep steak scene in film when studio wanted it cut, and the Wachowski’s strange reaction when talking about itt italy24news.com/entertainment/…
Haven’t watched the films closely enough to see if there are other hidden references to steak.
Read 4 tweets
Kim Zetter Profile picture
Dec 9, 2021
Three American spies who helped the UAE's DarkMatter surveillance program spy on journalists and activists are now being sued by one of the targets of those spy operations, along with DarkMatter. The three - Marc Baier, Ryan Adams, Daniel Gericke - were recently charged by DoJ
The lawsuit says the spying the 3 Americans helped DarkMatter do led to the arrest of Saudi human rights actvist Loujain Hathloul Alhathloul by UAE security services, and to her rendition to Saudi Arabia "where she was detained, imprisoned, and tortured" eff.org/files/2021/12/…
"The acts committed by Defendants against Ms. Alhathloul are inextricably linked to the US. Defendants carried out these actions using sophisticated cyber-technology developed in the US and obtained from US companies, and used this technology...to infect Ms. Alhathloul’s phone"
Read 6 tweets
Kim Zetter Profile picture
Dec 6, 2021
Owner of Mitto, Swiss company that sends marketing/security codes/ads via txt, had privileged access to telecom SS7 networks and sold that access to surveillance companies to track location of mobile phones. One phone tracked was a US State Dept official
thebureauinvestigates.com/stories/2021-1…
Mitto has had partnership with Google and Twitter to txt security codes to users, and has had partnership with 100+ telecoms, incl Vodafone, Telefónica, MTN, Deutsche Telekom. Gorelik sold the service to surveillance companies which in turn contracted with government agencies
“sources who said their former company worked with Gorelik to carry out surveillance for governments added that he installed custom software at Mitto that could be used to target certain people…there was virtually no oversight of surveillance carried out using Mitto’s systems”
Read 6 tweets
Kim Zetter Profile picture
Nov 24, 2021
Using supposedly impregnable encrypted phones, Serbian hit men discussed plans to kill a judge. But as they texted, their messages also flashed up on the computer screens of a secret police team in Belgium that had hacked into the messenger service they were using, Sky ECC.
Sky sold phones w/ encryption software installed and GPS/camera/microphone disabled. Messages got automatically deleted after 48 hrs if contact wasn’t reachable, and devices could be wiped remotely. Sky said platform was impenetrable and offered $5 mil to anyone who could hack it
Authorities found Sky server in northern France and worked w/ officials to get access. At first they could only see metadata, not messages. Until an international team of hackers found way to decrypt about half of the 3 million daily messages, and used keyword filters to sort
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @KimZetter has new unrolls!

Check out other threads from @KimZetter!

Read all threads by @KimZetter

:(