Author of Hacks, Leaks, and Revelations: The Art of Analyzing Hacked and Leaked Data https://t.co/8q8Aq7nUwJ
masto: @micahflee@infosec.exchange
bsky: @micahflee.com
11 subscribers
Dec 15, 2022 • 17 tweets • 8 min read
Convicted insurrectionist @drsimonegold and founder of anti-vax disinformation group America's Frontline Doctors wants to help @elonmusk fact check medical information on Twitter theintercept.com/2022/12/15/elo…
Gold started AFLDS to push ivermectin and hydroxychloroquine as miracle cures for COVID-19 (they aren't), and to lie about vaccine safety. Last year I revealed that AFLDS convinced at least 72k people to spend at least $15M on fake COVID drugs theintercept.com/2021/09/28/cov…
Apr 19, 2022 • 27 tweets • 12 min read
I don't think people fully appreciate just how much, after invading Ukraine, people are hacking Russia. There are multiple hacks a week and it's only increasing. For first time in internet history Russia is fair game for cyber attacks, and this is what it looks like 🧵
Distributed Denial of Secrets has been archiving these dumps and making them torrents. DDoSecrets has been around for a few years but made a big splash in 2020, during BLM protests by publishing hacked data on hundreds of US local/federal police sites theintercept.com/2020/08/17/blu…
Feb 15, 2022 • 12 tweets • 5 min read
Donation site used by Freedom Convoy suffers 3rd data leak in two weeks. The new hack includes "a full 2.5 GB MySQL database dump, source code for their Bitbucket repo, information from their customer service systems” and limited credit card data dailydot.com/debug/givesend…
I'm starting to look at the latest GiveSendGo leak. The MySQL dump, called gsg_prod_v4_20220211.sql, appears to be a complete dump of their production database. It includes the entire donor history of everyone who's donated to any campaign before February 11, last Friday
Jun 23, 2020 • 6 tweets • 3 min read
This is beyond messed up. Twitter never suspended Wikileaks or blocked access to WL links over their publishing, but they’re doing it now because of #BlueLeaks, a 270gb set of leaked police documents
This is what happens when you try tweeting a link to DDOSecret's website
Apr 15, 2019 • 7 tweets • 3 min read
I've been reading the newly unsealed US v Assange affidavit, written by FBI special agent Megan Brown. Here are some parts that I find interesting courtlistener.com/recap/gov.usco…
The alleged crime was in 2010, but Brown wasn't assigned to the case until 2017. I think this adds weight to the argument that Obama DOJ decided they couldn't move forward for press freedom reasons, but Trump DOJ decided to just go for it, because screw the free press
Jan 24, 2019 • 12 tweets • 5 min read
Govs around the world, including China & Russia, but also US and allies, conduct "supply chain attacks", where they insert hardware implants into servers and routers before they get shipped to surveillance targets, according to Snowden documents theintercept.com/2019/01/24/com…
In October Bloomberg published a widely-disputed story claiming China conducted supply chain attacks against Supermicro motherboards. While the specific story may be completely wrong, supply chain attacks definitely happen bloomberg.com/news/features/…
Dec 4, 2018 • 10 tweets • 5 min read
LulzSec hacktivist Jeremy Hammond, who hacked private intelligence firm @Stratfor and leaked data to WikiLeaks in 2012, is beginning his third week in solitary confinement. He's been accused of "minor assault" for bumping a prison guard with a door theintercept.com/2018/12/04/jer…
UN's expert on torture said solitary confinement "can amount to torture or cruel, inhuman or degrading treatment or punishment," and called for an absolute prohibition on >15 days in solitary (about how long Jeremy's been there so far) because it can lead to lasting mental damage
Nov 16, 2018 • 6 tweets • 2 min read
Please don't support prosecuting Julian Assange for publishing. Yes, he's a sexist anti-Semite dipshit who promotes conspiracy theories and secretly collaborates with fascists then lies about it. But precedent in this case severely threatens press freedom freedom.press/news/prosecuti…
The indictment against him is sealed, so we don't know what he's charged with yet. Charges could include conspiracy with GRU or other Russian intelligence agents, or CFAA/hacking crimes. (Probably nothing related to Swedish rape accusations, but you never know.)
Oct 4, 2018 • 4 tweets • 2 min read
Wow this is wild. Chinese spies did a successful supply chain attack against US companies, affecting Amazon, Apple, US gov contractors, and many others. They implanted a tiny malicious chip into circuit boards during manufacturing bloomberg.com/news/features/…
lol
Oct 3, 2018 • 4 tweets • 2 min read
Close to 1,000 law professors across the country have signed a letter to the U.S. Senate stating that Brett Kavanaugh lacks the “judicial temperament” necessary for a seat on the U.S. Supreme Court law.com/2018/10/03/900…
Now over 1,200 law professors have signed the letter (so far). Here's the text of it, and the first 1000+ signers' names, titles, and universities nytimes.com/interactive/20…
Aug 15, 2018 • 7 tweets • 2 min read
We just published a Snowden document from 2006 about NSA successfully breaking the encryption and spying on VPNs run by Al Jazeera, the Iraqi military, airlines and reservation systems, and other "high potential" targets theintercept.com/2018/08/15/nsa…
VPNs are complicated. There are many protocols, and each can be configured in many ways to make it more or less secure. Exactly which VPNs NSA can crack is a closely-guarded secrets, and the Snowden archive doesn't contain the answer.
But it's clear they can't crack everything.
Jul 18, 2018 • 14 tweets • 4 min read
What we learned about Russian and U.S. spycraft from Mueller’s indictment of hackers theintercept.com/2018/07/18/mue…
Here are the main takeaways:
The Russians got caught because they didn't compartmentalize enough. They re-used infrastructure for their separate operations (DCLeaks, Guccifer 2.0, spearphishing, hacks of DCCC and DNC), confirming they were all controlled by the same people
Jun 5, 2018 • 4 tweets • 2 min read
Police broke into @xychelsea's home with guns drawn last week for a "wellness check". We obtained security footage of the armed police raid theintercept.com/2018/06/05/che…
"If Chelsea had been home when these cops arrived with guns drawn, she would be dead," her close friend Janus told us, who was on the phone with her that night
Apr 28, 2018 • 5 tweets • 3 min read
For the last two years I've carried around a honeypot laptop every time I traveled. After my trip, I did forensic analysis on it to see if anyone tampered with it. I just wrote about the experience and methodology theintercept.com/2018/04/28/com…
I checked it in my luggage, which got searched by TSA at least 8 times, and left it unattended in many different hotel rooms, hoping someone would tamper with it. Unfortunately (or, fortunately?) I didn't catch any evil maid attacks.
Feb 14, 2018 • 41 tweets • 24 min read
The Intercept has obtained DMs from a private Twitter group with @wikileaks and its most loyal supporters. It includes:
- A desire for GOP to win the 2016 election
- Trolling
- Anti-semitism
- Rampant misogyny, sexist attacks on feminists
- Transphobia
theintercept.com/2018/02/14/jul…
One of the members of the group, Hazelpress, archived it to leak to the media after news broke that WikiLeaks was secretly talking to @DonaldJTrumpJr, urging Trump to reject election results as rigged if he lost, asking Trump to get Assange an Australian Ambassadorship
Jan 9, 2018 • 13 tweets • 4 min read
In case you missed it when it was happening, would you like to hear a story about that time @WikiLeaks attacked brave investigative journalists for exposing Vladimir Putin's corruption?
Follow along. 1/x
In 2015 an anonymous source leaked a massive trove of tax haven data to the German newspaper @SZ. This was #PanamaPapers. It was an ABSURD amount of data. So SZ enlisted help from an international network of investigative journalists @ICIJ, who shared it further
Jan 4, 2018 • 14 tweets • 4 min read
Over the last two weeks, WikiLeaks has targeted their army of twitter trolls against me, stemming from a unanimous decision from @freedomofpress's board. WikiLeaks and their trolls are spreading a lot of misinformation about this, so I thought I'd just clear it up. 1/x
In 2010, US government officials put pressure on Visa, MasterCard, PayPal, and Bank of America to stop processing payments for WikiLeaks. There was no court order, this was an extra-legal attempt to financially censor a news organization. 2/x