Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Chris Dehghanpoor Profile picture
Chris Dehghanpoor
@chrisd9r
Investigative Reporter, @washingtonpost • past: infosec @ Google, AWS, Twitch • Tips? @chrisd9r.01 on Signal
4 subscribers
Feb 8 6 tweets 3 min read
I'm seeing a lot of people suggest Edward Coristine was involved with 764.

According to Krebs, there's evidence that Corisitine was a member of multiple COM chat servers.

But it's really important to note that COM is not synonymous with 764.

krebsonsecurity.com/2025/02/teen-o… COM is a sprawling network of sub-communities - 764 is one of those communities.

These sub-communities tend to cluster around a theme - there's gore COM, simswap COM, extortion COM, etc.

The members often engage in criminal activity, and there is membership overlap.
Nov 28, 2023 10 tweets 6 min read
Elon's implying that James Gordon Meek, the journalist that plead guilty to federal CSAM charges this year, was an "expert" in Pizzagate.

The claim has been making the rounds since the summer, when a site called The People's Voice claimed that Meek "debunked 'Pizzagate'".

As far as I can tell, TPV confused James Gordon Meek, an American, with a *different* James Meek that wrote an article about conspiracies for The London Review of Books. That James Meek is British and obviously not the same person.

James Gordon Meek committed a heinous crime by possessing CSAM. Three's no excuse for his actions and I'm thank he was caught and brought to justice.

But he did not "debunk 'Pizzagate'", nor has he ever claimed to be an expert in it.




Image
Image
Image
Image TPV first covered Meek's arrest in February of this year. Here was that headline. Image
Sep 8, 2023 30 tweets 7 min read
I keep tabs on a lot of the lawsuits filed after the 2020 election. Yesterday, I noticed a new filing in former Dominion exec Eric Coomer's defamation suit against MyPillow CEO Mike Lindell.

Coomer filed a motion for sanctions against Lindell, because Lindell has been "combative, vulgar, disrespectful, non-responsive, evasive, and consistently loud" during depositions.

They included video excerpts from the depositions with their filing.

Filing:

Docket:
Aug 15, 2023 19 tweets 7 min read
Going to bump a bunch of threads that are once again relevant after the Fulton County, GA indictments - starting with this rough accounting of events that followed the 2020 election. I began looking into the activities of Trump allies mostly out of curiosity.

I've been in infosec for 15 years, so claims of computer based tampering were right up my alley.

I started by looking at an affidavit submitted in Michigan for the Antrim case

Aug 7, 2023 28 tweets 15 min read
Lindell & Montgomery have used the protective order issued in Montgomery V ETreppid as the reason they have not been able to release the "packet captures", but the judge is very clear:

the protective order does not - and never has - block Montgomery's release of the "pcaps" Image
Image
Image
Image Here's some of my past coverage of this saga:

Mar 5, 2023 12 tweets 5 min read
A new video is making the rounds where the presenter claims to present evidence that voting machines used in the 2020 election were infected with malware.

In actuality, what they've found are antivirus definitions used by Windows Defender.

A (hopefully) quick thread..
Image
Image First, some background on how anti-virus programs work.

The two primary methods used by AV to detect malware are 1) signature-based detection and 2) behavior-based detection.

Most modern AV's use a hybrid but for decades, the state of the art was signature-based antivirus.
Jan 24, 2023 5 tweets 2 min read
Doug Frank published this diagram that he says explains Lindell’s PCAPs.

It doesn’t though.

The PCAPs Lindell has claimed we’re shared with him by Dennis Montgomery were supposedly collected using DM’s software. This diagram implies DM’s data came from…the cloud, I guess? Image
Image From what I understand about how Montgomery’s PCAP collection supposedly worked, is that it should be the bits I’ve circled in red.

But if that’s the case, how did the data go from being collected to being placed somewhere it was externally accessible? Image
Dec 6, 2022 7 tweets 2 min read
A fun update on Dennis Montgomery, Lindell’s “PCAP” guy: after a win in Oct, Montgomery filed to remove a protective order issued as part of an unrelated case settled in 2009.

The US Govt has once again responded with: seriously just give Lindell what he wants we don’t care Image
Image Courtlistener: storage.courtlistener.com/recap/gov.usco…
Oct 8, 2022 6 tweets 3 min read
Telegram is very excited that protective order supposedly stopping Lindell from revealing the PCAPs has been lifted, but that’s not exactly true.

The US Govt basically said the protective order never affected Lindell or the “data” to begin with Image
Image
Image
Image The whole filing is an entertaining read. I wonder if Dennis Montgomery expected this would happen so quickly, or if he was banking on hiding behind the protective for a bit longer.

Seriously can’t wait to see these PCAPs!

storage.courtlistener.com/recap/gov.usco…Image
Sep 15, 2022 12 tweets 5 min read
BREAKING: Per Doug Frank’s telegram, his phone was seized by two FBI agents today. This was likely due to Frank’s role in organizing the Mesa County, CO election breach. Image
Image This follows the seizure of Lindell’s phone. One of the documents Lindell shared specifically named Doug Frank as a co-conspirator.
Jan 26, 2022 4 tweets 3 min read
Took a peek at Sidney Powell’s Twitter between mid-to-late December and spotted this gem of a thread from Ron Watkins that she retweeted on 12/29. The thread was originally posted 12/17 - the day before that insane WH meeting.

Watkins calls EO 13848 “Trump’s rubicon” Image
Image Not suggesting Ron was the source of the EO 13848 plan (Kerik recently said that was Waldron’s idea) but we know that Ron was listed as an influencer in the “Strategic Communications Plan” dated 12/27/20
Jan 25, 2022 5 tweets 3 min read
Well that’d explain why an affidavit from Phil Waldron (and published by Patrick Byrne) overlapped significantly with the draft executive order

More details here: trapezoid.news/p/phil-waldron… x.com/woodruffbets/s…Image Also explains this
Dec 10, 2021 24 tweets 11 min read
NEW: I've found an editable PowerPoint version of the PDF that's floating around.

The .pps file contains additional metadata, and reveals that on slide 29, a white box was obstructing a logo for "Kraken Intel". You can see the top portion of the logo in the PDF. Image
Image
Image
Image The metadata contains the name of the last user to modify the file. It's important to note that this person *may not have had anything to do with the creation of the PowerPoint* - for all we know they were an AV dude that mistakenly shifted an image.
Dec 14, 2020 57 tweets 16 min read
I took today off to play Cyberpunk, but now that Trump's amplified the ASOG Antrim report, I guess I'll just start another thread to loosely collect my thoughts on the rest of it. You can find part 1 here: Let's go top-down. I'm working off of if you'd like to follow along. I can't guarantee that this thread will be accurate, coherent, or typo free because I've already started drinking Fernet, but I'll do my best.depernolaw.com/uploads/2/7/0/…