Jackie Singh 🇺🇸
Jul 10, 2024
I am reviewing this alleged hack of The Heritage Foundation.

I have identified very embarrassing data within this dataset. Why so many Chinese IP addresses? 🤔
The zipped file contains one single file:

"daily-signal_dev_database_new.sql"

This appears to be a combined set of exports from a SQL database. Here are the first lines: [image]
Because this is a combined export (likely from the command line) of various tables, the file is not readable by a typical SQL editor, and needs to be split into pieces to make it so.

I'd rather just turn it into CSV chunks to start cleaning up the dataset for further analysis
There are 215,000 lines or so in the WordPress Comments table. As you can see, comment_author_IP is available, which is broadly useful to get a sense of where people posting replies to the Heritage blog are coming from in the world.

Earliest date: 2008-01-04. Newest: 2022-11-09 [image]
After creating a CSV chunk with only the WP comments table, now I can view columns and extract their content as needed. After extracting IP addresses from the author column, I can eliminate duplicates and work on analyzing their presumed geo origin, which is of interest to me. [image]
Dataset was a little dirty and a hassle to clean up.

Here are the 60K extracted IPs from the WP Comments table:

#HeritageFoundation defuse.ca/b/PTrmvlbs
Sample geolocations from the first 100 IPs (these are sorted 'low to high', and many Asia-based netblocks start with the number 1) [image]
Here are the 69.5K email addresses present within the complete dataset:



🤔 235 .mil and .gov email addresses
🤔 95 .ru and .cn email addresses

#HeritageFoundation defuse.ca/b/mLXCi0iXsGFj…
Linked below is a statistical breakdown of the domain names associated with all email addresses in the dataset.

Stacking and counting are basic analytical tools which can help analysts identify outliers.

defuse.ca/b/GMCj2uAfvELn…
I have a script running to grab geolocation information and will tweet when it finishes.

Those working at big companies with access to certain commercial tools can do this more quickly than I can.
Because the original host took the file down, you can now find it here:

This is a 368 MB .zip file which uncompresses to a single 1.94 GB flat file.

SHA256: 3dcc258331d9139a654402d20b756b57ca17228aa9e2f80a4b6451b96c8eac70

tan-medieval-hornet-252.mypinata.cloud/ipfs/QmVwiYsr4…
The hacker group claiming responsibility for this action has released new information on their Telegram channel. [image]
Here is the list of Administrators.

defuse.ca/b/ely6s7iwqpLF…
BREAKING: SiegedSec claims to have officially disbanded.

#HeritageFoundation
@CloudsEdgeArt1 I am the first person covering this.
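
The workflow the thread describes (pull one table out of a combined dump, de-duplicate the commenter IPs, then stack and count email domains) is sketched below as an added example; it is not the thread author's script. It assumes a mysqldump-style file with one extended `INSERT` per line and the stock WordPress `wp_comments` column order, and the sample rows are constructed.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in mysqldump "extended INSERT" style; not data from the leak.
SAMPLE_DUMP = r"""INSERT INTO `wp_posts` VALUES (1,'other table, ignored');
INSERT INTO `wp_comments` VALUES (1,10,'Ann','ann@example.com','','192.0.2.7','2008-01-04 10:00:00','Nice, it\'s (great)'),(2,10,'Bob','bob@example.org',NULL,'198.51.100.9','2010-05-01 09:30:00','ok');
INSERT INTO `wp_comments` VALUES (3,11,'Al','al@example.com','','192.0.2.7','2022-11-09 08:00:00','again'),(4,11,'Eve','eve@agency.example','','not-an-ip','2015-02-02 12:00:00','x');
"""
TOKEN = re.compile(r"'((?:[^'\\]|\\.)*)'|([^,()']+)|([(),])")  # quoted | bare | punctuation
UNESC = re.compile(r"\\(.)", re.S)
ESCAPES = {"n": "\n", "r": "\r", "t": "\t", "0": "\0"}

def parse_rows(values):
    """Split the text after VALUES into rows; quoted commas and parens stay in the field."""
    rows, row = [], None
    for m in TOKEN.finditer(values):
        quoted, bare, punct = m.groups()
        if punct == "(":
            row = []
        elif punct == ")" and row is not None:
            rows.append(row)
            row = None
        elif quoted is not None and row is not None:
            row.append(UNESC.sub(lambda e: ESCAPES.get(e[1], e[1]), quoted))
        elif bare is not None and row is not None:
            row.append(None if bare == "NULL" else bare)
    return rows

def table_rows(lines, table):
    """Yield the rows of one table from a combined dump (one INSERT statement per line)."""
    prefix = f"INSERT INTO `{table}` VALUES "
    for line in lines:
        if line.startswith(prefix):
            yield from parse_rows(line[len(prefix):])

def unique_ips(rows, col=5):  # col 5 = comment_author_IP (assumed stock schema)
    seen = set()
    for r in rows:
        try:
            seen.add(ipaddress.ip_address(r[col]))
        except (ValueError, IndexError):
            pass  # dirty value: skip it rather than guess
    return [str(a) for a in sorted(seen, key=lambda a: (a.version, int(a)))]

def stack_domains(rows, col=3):  # col 3 = comment_author_email (assumed stock schema)
    emails = {(r[col] or "").strip().lower() for r in rows if len(r) > col}
    return Counter(e.rsplit("@", 1)[1] for e in emails if e.count("@") == 1)
```

Sorting on the parsed address rather than the string gives a true numeric low-to-high order, and `stack_domains(rows).most_common()` puts the outliers at the tail of the list.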
