Kim Zetter
Feb 4 6 tweets 2 min read
Investigators w/ @TalosSecurity say they've traced email addresses used in WhisperGate attack to misinfo campaigns in 2020 and to FancyBear misinfo campaigns in 2016 and 2017 and a person named Boris Rozhin. But they also caution about conclusions. blog.talosintelligence.com/2022/01/ukrain…
Unfortunately, the writeup is very confusing (at least to me!). Cisco notes that the email addresses were in the public domain and could have been simply adopted by the WhisperGate attackers. See next tweets for relevant portions from report, which may be more clear to you.
More from @KimZetter

Jan 14
Sources tell me ~15 sites in Ukraine - all using October content management system - have been defaced, incl Min of Foreign Affairs, Cabinet of Ministers, Min of Ed, Emergency Services, Treasury, Environmental Protection. Attackers apparently used this: cvedetails.com/cve/CVE-2021-3…
Screenshot in my previous tweet is Ministry of Foreign Affairs site. Site is currently down, but @ChristopherJM grabbed screenshot before it went down. In addition to defacements, Min of Veterans has been hit with DDoS campaign sources tell me.
There's currently no indication that the attacks went beyond defacement and DDoS, but it's too early to say.
Dec 20, 2021
Re-watching Matrix trilogy in advance of new release, noticed recurrence of steak in films. There’s famous Cypher steak scene in 1st film, but also at end of credits it says password for Matrix site is “steak,” and billboard in Matrix Reloaded says “Steak!” in giant letters.
When I Googled for info about recurring steak theme, I came across recent interview w/ Joe Pantoliano (Cypher) talking about how Keanu fought to keep steak scene in film when studio wanted it cut, and the Wachowskis’ strange reaction when talking about it italy24news.com/entertainment/…
Haven’t watched the films closely enough to see if there are other hidden references to steak.
Dec 9, 2021
Three American spies who helped the UAE's DarkMatter surveillance program spy on journalists and activists are now being sued by one of the targets of those spy operations, along with DarkMatter. The three - Marc Baier, Ryan Adams, Daniel Gericke - were recently charged by DoJ
The lawsuit says the spying the 3 Americans helped DarkMatter do led to the arrest of Saudi human rights activist Loujain Hathloul Alhathloul by UAE security services, and to her rendition to Saudi Arabia "where she was detained, imprisoned, and tortured" eff.org/files/2021/12/…
"The acts committed by Defendants against Ms. Alhathloul are inextricably linked to the US. Defendants carried out these actions using sophisticated cyber-technology developed in the US and obtained from US companies, and used this technology...to infect Ms. Alhathloul’s phone"
Dec 6, 2021
Owner of Mitto, Swiss company that sends marketing/security codes/ads via txt, had privileged access to telecom SS7 networks and sold that access to surveillance companies to track location of mobile phones. One phone tracked was a US State Dept official
thebureauinvestigates.com/stories/2021-1…
Mitto has had partnership with Google and Twitter to txt security codes to users, and has had partnership with 100+ telecoms, incl Vodafone, Telefónica, MTN, Deutsche Telekom. Gorelik sold the service to surveillance companies which in turn contracted with government agencies
“sources who said their former company worked with Gorelik to carry out surveillance for governments added that he installed custom software at Mitto that could be used to target certain people…there was virtually no oversight of surveillance carried out using Mitto’s systems”
Nov 24, 2021
Using supposedly impregnable encrypted phones, Serbian hit men discussed plans to kill a judge. But as they texted, their messages also flashed up on the computer screens of a secret police team in Belgium that had hacked into the messenger service they were using, Sky ECC.
Sky sold phones w/ encryption software installed and GPS/camera/microphone disabled. Messages got automatically deleted after 48 hrs if contact wasn’t reachable, and devices could be wiped remotely. Sky said platform was impenetrable and offered $5 mil to anyone who could hack it
Authorities found Sky server in northern France and worked w/ officials to get access. At first they could only see metadata, not messages. Until an international team of hackers found way to decrypt about half of the 3 million daily messages, and used keyword filters to sort
Nov 24, 2021
Sebold, author of the novel Lovely Bones, was assaulted as a college freshman. She later identified Broadwater as her attacker in court, though she'd identified someone else in police lineup. Broadwater was falsely convicted from her identification of him and faulty hair analysis
Wondering how the film adaptation of Sebold's memoir "Lucky" will handle the news revealed today that the person Sebold identified as her attacker years ago was not the person who attacked her. variety.com/2021/film/news…
Interesting detail. It was due to film adaptation of Sebold's memoir that Broadwater’s conviction was overturned. Producer on film grew skeptical of Broadwater’s guilt when reading the script. He dropped out of film project and hired private investigator.
theguardian.com/us-news/2021/n…