Share this page!

Eric Ellason Profile picture
Twitter logo
1 Oct, 16 tweets, 7 min read
New reporting by @adamgoldmanNYT on the very odd internet traffic between a Trump registered domain, Alfa Bank in Moscow, Spectrum Health and Heartland Payment processing back in mid 2016. It continues to baffle researchers and the Intel community ... 1/14
A previously non-public intel report by Daniel J Jones has now been unredacted & publicly available as a court doc in an ongoing lawsuit. @briankrebs reported on this last week and has a link to the full document in his article ... 2/14 #infosec #infoOps krebsonsecurity.com/2021/09/lawsui…
Oddly this mysterious 2016 traffic before the election was between a Trump registered domain, Russian Alfa-Bank, Spectrum Health & Heartland Payments & was the focus of the Durham investigation touted by Trump & his supporters. Durham's findings resulted in more questions 3/14
First highly recommend re-reading this 2018 article on the event by Dexter Filkins. So in 2016 data scientists reported an odd stream of internet traffic between a Trump Org domain, Alfa Bank, a Michigan Hospital and a Payment Co. #infosec #infoOps 4/14
This odd traffic occurred shortly after Trump became the GOP frontrunner for President & continued up through Sept 2016. In October 2016 the New York Times & Slate Magazine both published articles revealing these strange comms between a Trump domain and Alfa-Bank in Moscow. 5/14
Over the past 5 yrs many different explanations have been floated 2 explain these odd communications by the Trump organization, Alfa-Bank & Trump supporters, things like it didnt happen, they were hacked, it was marketing email spam, anti-virus programs gone haywire, ect..6/14
None of the excuses have frankly made sense or even been touted consistently by all the parties involved. In fact many of the explanations by one party involved have conflicted with one of the other parties involved. Or more recently that the data was faked somehow 7/14
The common excuse touted was that communications were merely from marketing email spam. There r significant problems with this explanation, not withstanding, that it would have been the easiest excuse to use 4 all parties involved from the very beginning if it had been true 8/14
The CEO of Cendyn the vendor who had been hired by Trump organization 2 manage marketing emails & some online hospitality applications (Metron) said to the FBI that they stopped doing work & stopped email campaigns 4 Trump in March 2016. Two months before the strange comms 9/14
This seems to be backed up by the fact that multiple cybersecurity companies hired by Alfa-Bank and ones that have looked independently could find no example of a Trump marketing email sent to Alfa-Bank, or Spectrum Health or Heartland Payments during this period. 10/14
We also looked at RIPEstat data and various spam blocklist sites (as did Daniel Jones) and could not find any spam flag for the Trump domain IP address in question after March 2016. 11/14
The DNS lookups also did not match the typical periodicity of communications caused by marketing emails and the Trump Organization server was not configured to effectively send bulk or marketing email (spam) and there was no SPF record set for that domain 12/14 #infosec #infoOps
In the Daniel J Jones' report, which is exceptionally thorough, they did statistical analysis that indicated that the internet traffic between these entities (Trump, Alfa-Bank ect..) was human-directed events and not computer or software directed events. 13/15
At one point the FBI also tried 2 downplay the traffic & said it was most likely from marketing emails or suggested it might be encrypted Tor comms (neither are likely correct) and it just highlights the fact that the FBI either bungled the investigation and/or has no idea 14/15
The Daniel J Jones analysis entertains a number of possible explanations, malware, covert communications channel, comms from a Cendyn application like Metron and a few others. Again highly recommend reading the report which can be found here. krebsonsecurity.com/wp-content/upl…
And this really needs to be cleared up. Does this FBI official really exist (or is it another fake one like the recently botched Reuters story about clearing Alex Jones of anything to do with Jan 6th). And did the FBI ever investigate the Trump / Alfa Bank thing

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Eric Ellason

Eric Ellason Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @SlickRockWeb

Eric Ellason Profile picture
30 Sep
When MAGAworld hates science because something doesn't fit their theocratic / autocratic world view ...but then later claims to understand science when it now does fit ...you get Pfizermectin. Anti-viral in testing by Pfizer is NOT even remotely similar structurally 2 Ivermectin
Oh & in case its not clear, MAGAworld coined the drug name Pfizermectin and not Pfizer. I don't think Pfizer has even come up with a brand name yet. Don't know and don't care at this point. Just that this conspiracy came up a few days back during our Ivermectin research. #disinfo
Since there seems to be a new found interest in science by MAGAworld here is our Ivermectin thread from last week. Enjoy!! And make sure you are stocked up on adult depends.
Read 6 tweets
Eric Ellason Profile picture
29 Sep
Decided 2 display a snapshot of the discussions pro-Kremlin #hamilton68 v1.0 trolls had over the first 23 days of Sept in 2018-2021. We highlight the top 4 relevant words / hashtags used in decreasing shades of blue & 4 relevant words highlighted in red for comparison. #infoOps ImageImageImageImage
Quick refresher on Hamilton68 & the accounts we reverse engineered from the original #Hamilton68 v1.0 dashboard first run by @SecureDemocracy in 2017. We have collected hundreds of troll / bot accounts since 2018 & categorized them in 8 subsets. #infoOps
This wikipedia entry is a pretty good overview of the genesis of the Alliance for Securing Democracy (ASD) @SecureDemocracy first formed in July 2017. The ASD is housed at the German Marshall Fund @gmfus of the United States #infosec #infoOps
en.wikipedia.org/wiki/Alliance_…
Read 14 tweets
Eric Ellason Profile picture
20 Aug
This Reuters story is horse💩 . All anonymous sources & no legitimate #FBI investigator would make this statement to establish the innocence of Alex Jones & Roger Stone. Not even the 2 most closely aligned with each other or the events of #Jan6th. Look up Willard War Room 2 start
Just one of so many examples of paths that seemed pre-war gamed out. And there is lots of evidence for this. Why was everyone so pre-occupied with VP Pence? And ask yourself what would have happened if Congress did NOT come back in session to finish the certification on Jan6th?
As @visionsurreal so correctly puts it "Hybrid warfare means not everyone is part/aware of plan." Read his stuff ... its terrifying how close our Democracy got to being shredded.
Read 7 tweets
Eric Ellason Profile picture
15 Aug
It is a good reminder to everyone that this agreement "US and Taliban signed a deal to end 18-year war" occurred back in February 2020 and was at the behest of President Trump at the time. The deal included us releasing 5000 Taliban prisoners. #Kabul bbc.com/news/world-asi…
One will also note there were no Afghani women involved or celebrating this deal. #Kabul
There is also this .... Pakistan. If anyone spends any time researching social media propaganda around the current Afghanistan situation it becomes very clear the large number of Pakistani aligned or sympathetic accounts celebrating / promoting the Taliban advances. #Kabul
Read 14 tweets
Eric Ellason Profile picture
13 Aug
I know we promised we would put together a part II report on the Mike Lindell Cyber Symposium after we saw more data but after 3 days it is very clear the whole thing was a giant hoax. Who played who and who all were in on the hoax is not completely clear.
Day one a handful of small files were provided by Mike Lindell's people but those turned out to be weirdly encoded files of nonsense and absolutely zero context was provided. @pwnallthethings reported on this in more detail here. #osint #infosec #disinfo
The biggest bombshell from the Mike Lindell Cyber Symposium was the admission by MAGA cyber "expert" Josh Merritt aka spyder or spider that the PCAP data, supposedly implicating China involvement in the November 2020 elections, was bogus & a "turd". #osint
Read 9 tweets
Eric Ellason Profile picture
2 Jun
OMG this #faucileaks campaign is right out of a KGB playbook. Call it a "leak" 2 make it seem nefarious when it's just a legal FOIA request & cherry pick emails to fit your narrative from total randos like Dermatologists and fake Physicists that cant even spell hydroxychloroquine
Hey Dr. Fauci why are you not addressing the new cure I found, that Elmer's Glue will actually stick to the virus and remove it from your body? Signed Jack Posobic @JackPosobiec, who stayed at a Holiday Inn Express last night. #FauciEmails
You can almost pick any tweet in #fauciLeaks and it is a total rando like DJ Freedom Rockets spewing insanity, pontificating on cherry picked emails that are completely out of context. This whole mask insanity is total gaslighting ... 1/3
Read 13 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @SlickRockWeb has new unrolls!

Check out other threads from @SlickRockWeb!

Read all threads by @SlickRockWeb

:(