Share this page!

Stephen McIntyre Profile picture
Twitter logo
Jan 2, 2019 22 tweets 32 min read
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers In that post, I mentioned an "Easter egg". I explained the Easter egg in a follow-up post climateaudit.org/2018/03/24/att…. There was an apparent infrastructure link between the Lurk banking gang and the spearphishing campaign attributed to APT28 (Fancy Bear) by SecureWorks.
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers registrant of googlesetting[.com] domain used in the 2015 spearphishing campaign analysed by SecureWorks (June 26, 2016) is andre_roy@mail.com, also registrant for numerous domains in Oct 2014 PWC inventory pwc.blogs.com/files/tactical… of APT28 domains. Connecting spearphish to APT28.
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 2/ registrant of accoounts-google[.com, other domain used in 2015 spearphishing campaign, is "Gennadiy Borisov" with email yingw90@yahoo.com, used in scores of crimeware domains associated with Lurk's Angler exploit kit.
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 3/ this parallel structure is an otherwise unreported and startling connection between (Russian) Lurk Banking gang and the spearphishing campaign analysed by SecureWorks in connection with DNC hack. See climateaudit.org/2018/03/24/att… and climateaudit.org/2018/03/11/arr…
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 4/ there's another fascinating connection between Lurk Banking Gang and DNC hack which has been reported, but little discussed. (I was unaware of it when I wrote my long article on Lurk Banking Gang last year.)
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 5/ Konstantin Kozlovsky, one of the leaders of the Lurk Banking Gang, under arrest since June 2016, claimed that he hacked the DNC under directions of the FSB (not the GRU who were indicted by Mueller)
fastcompany.com/40538571/jaile…
fortune.com/2017/12/11/rus…
mcclatchydc.com/news/nation-wo…
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 6/ there's been considerable skepticism on Kozlovsky's claim e.g. several analysts in Daily Beast article thedailybeast.com/should-we-beli…
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 7/ FWIW, it seems to me that the parallel infrastructure (see discussion) above might provide some additional support for this theory. But Kozlovsky is just beginning of even stranger story.
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 8/ Kozlovsky said that his handler was FSB's Dmitry Dokuchaev. In Dec 2016, Dokuchaev was charged with treason, along with Sergei Mikhailov, Dokuchaev's FSB boss, and Ruslan Stoyanov of Kaspersky (who had led arrest of Lurk gang) for passing info to US foreignpolicy.com/2017/01/31/arr…
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 9/ when arrested, Sergei Mikhailov has $12 million in cash at his house. Also, his biography was reported to be fraudulent - startling for a senior FSB officer. "Sources" reported that he had been "originally recruited by the Americans during a vacation"
dailymail.co.uk/news/article-4…
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 10/ one of the earliest articles on arrests meduza.io/en/feature/201… speculated on a "mind-bendingly elaborate plot".
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 11/ reporter Irek Murtazin summarizes that, at first glance, "the FSB appears to be encouraging suspicions that its officers and agents were involved in a cyber-attack on the United States", but points out that the story has a "false bottom".
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 12. suppose that Kozlovsky's orders to hack the DNC originated from Mikhailov, who has been charged by Russians for being a US agent. "mind-bendingly elaborate", indeed.
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 13/ it seems possible that the arrested FSB officials might well have given information to US intelligence blaming GRU for the hack. I wonder what is really known about any of this,
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 14/ here's another link to a very early article (Dec 2017) article on the arrests
novayagazeta.ru/articles/2017/…
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 14/ the Russian articles say that Kozlovsky's hack was Crowdstrike's Cozy Bear, not Fancy Bear. Mueller's charges were limited to the Fancy Bear hack. The Cozy Bear hack was conspicuously absent.
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 14/ fascinating as this seems, this too has a catch. A more recent article (Oct 2018) says that Mikhailov and his accomplices received $10 million from FBI for information about Pavel Vrublevsky, the former head of the payment services company Chronopay.
meduza.io/en/news/2018/1…
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers 15/ @_mzishi_ links fascinating Dec 29/18 article linkedin.com/pulse/double-a… which says that (US spy) #SergeiMikhailov was in charge of bitcoin BTC-e (and Russia's entire online WebMoney, crypto and otherwise) and that US lost control of exchange when Mikhailov arrested.
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers @_mzishi_ 16/ Article also asserts that (CIA agent) #SergeiMikhailov "supplied American security services with the IP addresses that linked Fancy Bear to the DNC hack". Tangled story indeed.
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers @_mzishi_ 17/ tracing the LinkedIn article to its Russian source m.lenta.ru/articles/2018/…. It states that "BTC-E exchange, as well as the entire hacker network in Russia" was controlled by #SergeiMikhailov.
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers @_mzishi_ 18/ Lenta.ru article also stated that Mikhailov supplied CIA with "IP addresses of supposedly Russian hackers, from which the correspondence of Hillary Clinton's headquarters was hacked" and that, since Mikhailov worked for CIA, BTC-e "served interests" of CIA.
@2xwide_dreaming @dr_davidsmith @wakeywakey16 @Larry_Beech @taleof2servers @_mzishi_ 19/ another important point that I should have mentioned earlier. Arrests of Dokuchaev and Mikhailov came soon after arrest of Shaltai Boltai leader Vladimir Anikeev in Oct 2016. Anikeev was arrested after being lured from Ukraine to Moscow.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Stephen McIntyre

Stephen McIntyre Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @ClimateAudit

Stephen McIntyre Profile picture
Feb 8
In today's thread, I'm going to excavate some fascinating data on Omicron vs Delta from a CDC article. On its face, it's a garden variety sermon on vaccination
cdc.gov/mmwr/volumes/7…, but it contains other interesting data that wasnt discussed by the authors.
2/ bear with some preliminaries so that the precise point is understood when I get to it. The underlying database is 222772 visits ("encounters") by adults to 383 US emergency depts and urgent care clinics and 87904 hospitalizations at 259 hospitals from Aug 26/21 to Jan 5/22.
3/ Delta variant was predominant for most of period; Omicron rapidly became dominant in Dec and, by Jan, Omicron (rather than vaccination) had more or less eliminated Delta. While authors stratify results by "Delta" and "Omicron" periods, unfortunately they didnt quantify lengths
Read 30 tweets
Stephen McIntyre Profile picture
Jan 24
UK has published some relatively detailed data showing "unadjusted" rates of case infection of boosted vs unvax by age group.
assets.publishing.service.gov.uk/government/upl… As context, Ontario SciTable only shows "adjusted" case rate purporting to show unvax rate as twice that of vax (2 or more doses)
2/ in ALL UK ages above 30, "unadjusted" case infection rate for triple-vax was HIGHER than among unvax. These results troubled UK authorities who printed unadjusted unvax rates in light gray, warning "comparing case rates ...should not be used to estimate vaccine effectiveness"
3/ the UK conclusion that "comparing case rates among vaccinated and unvaccinated populations should not be used to estimate vaccine effectiveness against infection" will come as news to Ontario SciTable and other authorities which regularly use such data in briefings
Read 14 tweets
Stephen McIntyre Profile picture
Jan 16
Quebec, in midst of draconian lockdown, (unlike Ontario) publishes new hospitalization data by age group, vax status msss.gouv.qc.ca/professionnels…

These are real counts, neither "normalized" relative to population nor "adjusted" by Ontario Science Table (or CDC). What do you notice? Image
2/ the most obvious observation about new hospitalizations is that (unsurprisingly) they are dominated by seniors and particularly over 80s - a group which is almost totally vaxxed.
3/ a secondary observation is that, in younger agegroups, number of new hospitalizations among unvax is pretty similar to number of new hospitalizations among vax, even though population of unvax is much smaller. This is consistent with primary messaging from governments.
Read 17 tweets
Stephen McIntyre Profile picture
Jan 12
in response to recent threads in which I showed actual vax and unvax case counts (not just per million), I've been abused by many commenters for my supposed failure to understand "data science 101" - that ONLY per million matters and only a moron would look at counts.
2/ I suspect that most of the abusive commenters are much younger than me and thus fail to consider why actual counts of fully-vax cases are of particular concern to someone who is fully vax and in a vulnerable age group (like me.)
3/ Nearly every 80+ and 70+ in Ontario was fully vax in Dec; yet there was unprecedented explosion of cases among seniors in mid-Dec. This is NOT due to almost non-existent unvax seniors. I wish it were. Yes, the few unvax are at more risk. But they arent causing senior caseload
Read 15 tweets
Stephen McIntyre Profile picture
Jan 11
the actual operating problem for Ontario govt - what puts pressure on hospitals and ICUs - is most likely the dramatic resurgence of cases among Ontario seniors, even including 99.99% fully-vax 80+s.
2/ it is well known that hospitalization and ICU rates for senior COVID cases are FAR higher than younger cohorts. In Toronto, where fine-grained data is available, 34% of cases among 80-90s are hospitalized; 25% of cases among 70-79s hospitalized, 5.8% into ICU
3/ in November, the priority of federal government and Science Table appears to have been vaccinating 5-11 year olds, as opposed to boosting seniors. "Younger" seniors (60s and 70s) mostly wer not eligible for boosters until December due to 6-month federal regulation.
Read 4 tweets
Stephen McIntyre Profile picture
Jan 10
today's Ontario cases are down almost 50% from Jan 1 max. Fully-vax cases accounted for ~85% of all cases; on a per million basis, fully vax cases still are higher than unvax cases. SciTable shows increasing cases, with "adjusted" unvax cases exceeding vax cases on per MM basis.
2/ here is today's NON-ICU hospitalizations, absolute and per million, by status. About 75% of non-ICU hospitalizations are full vax, flipping ratio that applied earlier in pandemic. Relative unvax rates remain higher.
3/ to estimate "excess" unvax non-ICU occupancy, I calculated what non-ICU numbers for unvax "should have been" if they had same relative occupancy as full-vax. It was ~100 extra for most of 2021, now ~150. This is 8% of present 1925 non-ICU occupancy.
Read 15 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @ClimateAudit has new unrolls!

Check out other threads from @ClimateAudit!

Read all threads by @ClimateAudit

:(