Fake URL’s and Shortening During Arab Spring/Iran

Posted on August 2, 2016August 2, 2016 by Denise Simon

In 2014, it was reported but not widely so.

Edward Snowden leaked a top-secret GCHQ document which details the operations and the techniques used by JTRIG unit for propaganda and internet deception.

SecurityAffairs: The JTRIG unit of the British GCHQ intelligence agency has designed a collection of applications that were used to manipulate for internet deception and surveillance, including the modification of the results of the online polls. The hacking tools have the capability to disseminate fake information, for example artificially increasing the counter of visit for specific web sites, and could be also used to censor video content judged to be “extremist.” The set of application remembers me the NSA catalog published in December when the Germany’s Der Spiegel has revealed another disturbing article on the NSA surveillance, the document leaked by tge media agency was an internal NSA catalog that offers spies backdoors into a wide range of equipment from major vendors.

The existence of the tools was revealed by the last collection of documents leaked by Edward Snowden, the applications were created by GCHQ’s Joint Threat Research Intelligence Group (JTRIG) and are considered one of the most advanced system for propaganda and internet deception. JTRIG is the secret unit mentioned for the first time in a collection of documents leaked by Snowden which describe the Rolling Thunder operation, the group ran DoS attack against chatrooms used by hacktivists. More here.

It is being reported again and it may be just good tradecraft by British intelligence.

British Spies Used a URL Shortener to Honeypot Arab Spring Dissidents

Motherboard: A shadowy unit of the British intelligence agency GCHQ tried to influence online activists during the 2009 Iranian presidential election protests and the 2011 democratic uprisings largely known as the Arab Spring, as new evidence gathered from documents leaked by Edward Snowden shows.

The GCHQ’s special unit, known as the Joint Threat Research Intelligence Group or JTRIG, was first revealed in 2014, when leaked top secret documents showed it tried to infiltrate and manipulate—using “dirty trick” tactics such as honeypots—online communities including those of Anonymous hacktivists, among others.

The group’s tactics against hacktivists have been previously reported, but its influence campaign in the Middle East has never been reported before. I was able to uncover it because I was myself targeted in the past, and was aware of a key detail, a URL shortening service, that was actually redacted in Snowden documents published in 2014.

THE HONEYPOT

A now-defunct free URL shortening service—lurl.me—was set up by GCHQ that enabled social media signals intelligence. Lurl.me was used on Twitter and other social media platforms for the dissemination of pro-revolution messages in the Middle East.

These messages were intended to attract people who were protesting against their government in order to manipulate them and collect intelligence that would help the agency further its aims around the world. The URL shortener made it easy to track them.

I was able to uncover it because I was myself targeted in the past

The project is linked to the GCHQ unit called the Joint Threat Research Intelligence Group or JTRIG, whose mission is to use “dirty tricks” to “destroy, deny, degrade [and] disrupt” enemies by “discrediting” them, according to leaked documents.

The URL shortening service was codenamed DEADPOOL and was one of JTRIG’s “shaping and honeypots” tools, according to a GCHQ document leaked in 2014.

Leaked GCHQ document listing shaping and honeypot tools used by JTRIG.

Earlier in the same year, NBC News released a leaked document showing that JTRIG attacked the hacktivist outfits Anonymous and LulzSec by launching Distributed Denial of Service (DDoS) attacks on chatroom servers know as Internet Relay Chat (IRC) networks.

The group also identified individuals by using social engineering techniques to trick them into clicking links—a technique commonly used by cybercriminals.

One slide showed a covert agent sending a link—redacted by NBC in the slide—to an individual known as P0ke. According to the slide, this enabled the signals intelligence needed to deanonymize P0ke and discover his name, along with his Facebook and email accounts.

In the fall of 2010, I was an early member of the AnonOps IRC network attacked by JTRIG and used by a covert GCHQ agent to contact P0ke, and in 2011 I co-founded LulzSec with three others. The leaked document also shows that JTRIG was monitoring conversations between P0ke and the LulzSec ex-member Jake Davis, who went by the pseudonym Topiary.

Through multiple sources, I was able to confirm that the redacted deanonymizing link sent to P0ke by a covert agent was to the website lurl.me.

Leaked GCHQ slide from document titled “Hacktivism: Online Covert Action.”

COVERT DISRUPTION

Further investigation of the URL shortener using public data on the web exposed a revealing case study of JTRIG’s other operations that used the DEADPOOL tool, including covert operations in the Middle East.

The Internet Archive shows that the website was active as early as June 2009 and was last seen online on November 2013. A snapshot of the website shows it was a ”free URL shortening service” to ”help you get links to your friends and family fast.”

Snapshot of lurl.me.

Public online resources, search engines and social media websites such as Twitter, Blogspot and YouTube show it being used to fulfill GCHQ geopolitical objectives outlined in previously leaked documents. Almost all 69 Twitter pages that Google has indexed referencing lurl.me are anti-government tweets from supposed Iranian or Middle Eastern activists.

The vast majority are from Twitter accounts with an egg avatar only active for a few days and have a few tweets, but there were a couple from legitimate accounts that have been tweeting for years, who have retweeted or quoted the other accounts tweeting from the URL shortener.

According to agency documents published by The Intercept, one of the strategies for measuring the effectiveness of an operation is to check online to see if a message has been “understood accepted, remembered and changed behaviour”. This could for example involve tracking those who shared or clicked on the lurl.me links created by GCHQ.

The group also identified individuals by using social engineering techniques to trick them into clicking links

Another JTRIG document published by The Intercept titled “Behavioural Science Support for JTRIG’S Effects and Online HUMINT Operations” can be used to understand the content associated with social media accounts that used the URL shortener.

JTRIG has an operations group for global targets, which then has a subteam for Iran, According to the document. It further states that “the Iran team currently aims to achieve counter-proliferation by: (1) discrediting the Iranian leadership and its nuclear programme; (2) delaying and disrupting access to materials used in the nuclear programme; (3) conducting online HUMINT; and (4) counter-censorship.”

The document goes on to detail the methods that JTRIG employs to achieve these goals, such as creating false personas, uploading YouTube videos, and starting Facebook groups to push specific information or agendas. Many of the techniques outlined are evident in social media accounts that aggressively use the URL shortener.

Page from leaked GCHQ document titled “Behavioural Science Support for JTRIG’S Effects and Online HUMINT Operations,” published at The Intercept.

AGENTS OF THE CAMPAIGN

There appear to be a small number of Twitter accounts that were only active during the month of June 2009, have very few followers, and repeatedly tweet the same content and links from lurl.me. One of the earliest and prolific accounts to tweet using the URL shortener is 2009iranfree. Read more here from Motherboard.

Russian spies claim they can now collect crypto keys

Posted on August 1, 2016August 1, 2016 by Denise Simon

Filed under Vlad’s Glad…ah ha ha

Russian spies claim they can now collect crypto keys—but don’t say how

Putin gave KGB’s successor agency two weeks to deal with encrypted services.

ArsTechnica: Russia’s intelligence agency the FSB, successor to the KGB, has posted a notice on its website claiming that it now has the ability to collect crypto keys for Internet services that use encryption. This meets a two-week deadline given by Vladimir Putin to the FSB to develop such a capability. However, no details have been provided of how the FSB is able to do this.

The FSB’s announcement follows the passage of Russia’s wide-ranging surveillance law, which calls for metadata and content to be stored for six months, plus access to encrypted services, as Ars reported back in June.

The new capability seems to go even further, since the FSB notice (in Russian) speaks of obtaining the “information necessary for decoding the electronic messaging received, sent, delivered, and (or) processed by users of the ‘Internet’ network.”

Being able to decode Internet communications would seem to imply getting hold of any crypto keys that are used. However, as an article on The Daily Dot points out, it is still not clear what the new laws will require: “No one seems to know what this new law means in the slightest. Or, more accurately, the people who do know are keeping mum.”

Three of the services that are likely to be most affected by the new requirements are Facebook’s WhatsApp, Telegram, and Viber. Ars has asked all three for clarification on what the Russian authorities have asked for, and what information the companies are or will be providing, but has not yet received any reply. This post will be updated with responses when they are received.

Related reading: Is the U.S. Hacking Back? Uh Huh

The Daily Dot quotes Russian technologist Anton Nesterov as saying that it’s not even clear whether the new legislation applies to VPNs or basic SSL keys, nor whether mainstream electronic payment systems must hand over their keys as a matter of routine.

Nesterov also points out the dangers involved in providing this information, not least because leaks of such valuable data are always a risk.

*****

In part from CSO: Networks at some 20 organizations in Russia — including scientific and military institutions, defense contractors, and public authorities — were found to be infected with the malware, the Russian Federal Security Service (FSB) said Saturday. The range of infected sites suggests that the targets were deliberately selected as part of a cyber-espionage operation, the FSB said.

Analysis of the attack showed that filenames, parameters and infection methods used in the malware are similar to those involved in other high-profile cyber-espionage operations around the world.

The software was adapted to the characteristics of each PC targeted, and delivered in a malicious email attachment, the FSB said.

Once installed, it downloaded additional modules to perform tasks such as monitoring network traffic, capturing and transmitting screenshots and keystroke logs, or recording audio and video using the PC’s microphone and webcam.

The FSB is working with ministries and other government agencies to identify all the victims of the malware, and to limit its effects, it said.

Russia is said to be the source, not the target, of another government-related cyber-attack. Last week, evidence emerged suggesting Russian involvement in an attack on computers at the Democratic National Committee, where recent data leaks have tarnished the campaign of presidential candidate Hillary Clinton.

Rival republican candidate Donald Trump last week suggested Russian spies should infiltrate Clinton’s email system in search of 30,000 messages allegedly missing from an investigation into her use of a private email server for official correspondence while secretary of state.

A Major Flaw at the DNC, Did you Catch it?

Posted on July 30, 2016July 30, 2016 by Denise Simon

Was this purposeful or just stupidity?

Russian ships displayed at DNC tribute to vets

MilitaryTimes: On the last night of the Democratic National Convention, a retired Navy four-star took the stage to pay tribute to veterans. Behind him, on a giant screen, the image of four hulking warships reinforced his patriotic message.

But there was a big mistake in the stirring backdrop: those are Russian warships.

While retired Adm. John Nathman, a former commander of Fleet Forces Command, honored vets as America’s best, the ships from the Russian Federation Navy were arrayed like sentinels on the big screen above.

These were the very Soviet-era combatants that Nathman and Cold Warriors like him had once squared off against.

The lady in the red jacket is a Congresswoman from Hawaii, Tulsi Gabbard. Tulsi served two tours of duty in the Middle East, and she continues her service as a Major in the Army National Guard.

“The ships are definitely Russian,” said noted naval author Norman Polmar after reviewing hi-resolution photos from the event. “There’s no question of that in my mind.”

Naval experts concluded the background was a photo composite of Russian ships that were overflown by what appear to be U.S. trainer jets. It remains unclear how or why the Democratic Party used what’s believed to be images of the Russian Black Sea Fleet at their convention.

A spokesman for the Democratic National Convention Committee was not able to immediately comment Tuesday, saying he had to track down personnel to find out what had happened.

The veteran who spotted the error and notified Navy Times said he was immediately taken aback.

“I was kind of in shock,” said Rob Barker, 38, a former electronics warfare technician who left the Navy in 2006. Having learned to visually identify foreign ships by their radars, Barker recognized the closest ship as the Kara-class cruiser Kerch.

“An immediate apology [from the committee] would be very nice,” Barker said. “Maybe acknowledge the fact that yes, they screwed up.”

The background — featured in the carefully choreographed hour leading up to the president’s Sept. 6 speech accepting the Democratic Party’s nomination — showed four ships with radar designs not used in the U.S. fleet.

For example, the ship in the foreground, on the far right, has a square radar antenna at the top of its masthead. That is the MR-700 Podberezovik 3-D early warning radar, commonly identified as “Flat Screen” for its appearance, a three-dimensional early warning radar mounted on the Kerch, said Eric Wertheim, editor of “Combat Fleets of the World.”

Similarly, the third ship has a MR-310 “Head Net” air search radar, shaped like two off-set bananas, at its masthead and is mostly likely the guided missile destroyer Smetlivyy. The first two ships seem to be Krivak-class frigates, but it’s hard to discern from the silhouette, experts said.

But the fact they are Russian ships is not in doubt. In addition to the ship’s radar arrays and hulls, which are dissimilar from U.S. warships, the photo features one more give-away: a large white flag with a blue ‘X’ at the ships’ sterns.

Polmar, who authored “The Naval Institute Guide to the Soviet Navy,” recognized the blue ‘X’-mark: “The X is the Cross of St. Andrew’s, which is a Russian Navy symbol,” Polmar said. (An anchored U.S. warship, by contrast, flies the American flag on its stern.)

Based on this specific group of these ship types, one naval expert concluded that this was most likely a photo of the Black Sea Fleet.

“Ships are all Black Sea Fleet,” A. D. Baker III, a retired Office of Naval Intelligence analyst, told Navy Times after looking at the image. “These four ships, at the time the photo was taken, constituted the entire major surface combatant component of the Black Sea Fleet,” Baker said, noting the photo was likely to be six years old or older. (The Kerch is now on the list to be scrapped, Baker said.)

Barker, the former sailor who first spotted the errors, believes the seven aircraft streaking by are F-5 jets, a trainer used by the U.S. Navy. Asked to explain how he reached that conclusion, the former airplane spotter ticked off a list: “Twin engine, single rudder, with hard points on the wingtips, with that silhouette is going to make them F-5s.”

Meanwhile, how about understanding what Russia is up to today?

Kommersant newspaper provided a few details about a new orbital surveillance system being developed for the Russian Ministry of Defense. The new system, consisting of three brand new Razdan-class satellites, is set to be lifted into orbit between 2019 and 2024 from the Plesetsk Cosmodrome. The system will complement and eventually replace the Persona-class optical-electronic satellites presently used by the military. The new satellite is being developed by the TsSKB-Progress research and production center.

Unfortunately, very little information has been made public about the new surveillance satellite’s capabilities. In any case, Kommersant reported that the Razdan will feature a significant improvement over the capabilities of its predecessors, including a new high-speed secure radio channel. The second and third satellites launched are also expected to feature new optics with an objective lens diameter of 2 meters.

Much more is known about Razdan’s predecessor, the 14F137 Persona. Between 2008 and 2015, the Russian military launched three Persona-class surveillance satellites. The first was lost in 2008 due to a technical fault. The second and third devices (launched in June 2013 and June 2015, respectively) remain in perfect working order, and rumor has it that they are being actively used in Russia’s anti-terrorist operation in Syria.

The satellites are charged with providing the Russian General Staff with highly detailed operational imagery. Moreover, the military’s need for operational intelligence in Syria has proven so great that the military has turned to using civilian satellites of the Resurs and Kanopus class. More here.

Is the U.S. Hacking Back? Uh Huh

Posted on July 30, 2016July 30, 2016 by Denise Simon

Like here perhaps? This could lead to a real devastating condition as it should be remembered what Russia did to Ukraine just a few months ago, hacked their power system.

Russia cyber attack: Large hack ‘hits government’

BBC: A “professional” cyber attack has hit Russian government bodies, the country’s intelligence service says.

A “cyber-spying virus” was found in the networks of about 20 organisations, the Federal Security Service (FSB) said.

The report comes as Russia stands accused over data breaches involving the Democratic Party in the US.

The Russian government has denied involvement and has denounced the “poisonous anti-Russian” rhetoric coming out of Washington.

The FSB did not say who it believed was responsible for hacking Russian networks, but said the latest hack resembled “much-spoken-about” cyber-spying, without elaborating.

What are Trump’s ties to Russia?

Democrat hack: Who is Guccifer 2.0?

It said the hack had been “planned and made professionally”, and targeted state organisations, scientific and defence companies, as well as “country’s critically important infrastructures”.

The malware allowed those responsible to switch on cameras and microphones within the computer, take screenshots and track what was being typed by monitoring keyboard strokes, the FSB said.

In the US, the Democratic National Committee (DNC) and the Democratic Congressional Campaign Committee have both suffered hacks in recent weeks.

Emails from the DNC were later distributed by the Wikileaks organisation, and showed party officials had been biased against Bernie Sanders in his primary race against Hillary Clinton.

US officials believe the cyber attacks were committed by Russian agents.

The Kremlin has repeatedly denied being responsible, and Mrs Clinton’s presidential rival Donald Trump said he had no ties to Russia.

The Clinton campaign said on Friday that an analytics data program, which it shared with other entities, had been accessed by hackers.

But, her press secretary Nick Merrill said, there was “no evidence that our internal systems have been compromised”.

The FBI said it was investigating the extent of any hacking.

The NSA Is Likely ‘Hacking Back’ Russia’s Cyber Squads

By Lee Ferran ASPEN, Color ado — Jul 30, 2016
U.S. government hackers at the National Security Agency are likely targeting Russian government-linked hacking teams to see once and for all if they’re responsible for the massive breach at the Democratic National Committee, according to three former senior intelligence officials. It’s a job that the current head of the NSA’s elite hacking unit said they’ve been called on to do many times before.

ABC: Robert Joyce, chief of the NSA’s shadowy Tailored Access Operations, declined to comment on the DNC hack specifically, but said in general that the NSA has technical capabilities and legal authorities that allow the agency to “hack back” suspected hacking groups, infiltrating their systems to gather intelligence about their operations in the wake of a cyber attack.

“In terms of the foreign intelligence mission, one of the things we have to do is try to understand who did a breach, who is responsible for a breach,” Joyce told ABC News in a rare interview this week. “So we will use the NSA’s authorities to pursue foreign intelligence to try to get back into that collection, to understand who did it and get the attribution. That’s hard work, but that’s one of the responsibilities we have.”

Predators Exploiting Personal Info in DNC Hack

‘Beyond a Reasonable Doubt,’ Russians Hacked DNC, Analyst Says

The NSA deferred direct questions about its potential involvement in the DNC hack investigation to the FBI, which is the leading agency in that probe. Representatives for the bureau have not returned ABC News’ request for comment. Lisa Monaco, President Obama’s homeland security and counterterrorism adviser whose responsibilities include cyber policy, declined to comment.

A former senior U.S. official said it was a “fair bet” the NSA was using its hackers’ technical prowess to infiltrate two Russian hacking teams that the cybersecurity firm Crowdstrike alleged broke into the DNC’s system and were link ed to two separate Russian intelligence agencies, as first reported by The Washington Post. In some past unrelated cases, the former official said, NSA hackers have been able to watch from the inside as malicious actors conduct their operations in real time.

Rajesh De, former general counsel at the NSA, said that if the NSA is targeting the Russian groups, it could be doing it under its normal foreign intelligence authorities, as the Russian government is “clearly … a valid intelligence target.” Or the NSA could be working under the FBI’s investigative authority and hacking the suspects’ systems as part of technical support for investigators, said De, now head of the cyber security practice at the law firm Mayer Brown.

In the aftermath of an attack, a CIA official said that if there is an “overseas component,” the NSA would be involved along with the CIA’s own newly formed Directorate of Digital Innovation. The two agencies would work, potentially along with others in government, to sniff out suspects’ “digital dust.”

“It turns out that the people who carry out these activities use their keyboards for other things too,” said Sean Roche, Associate Deputy Director for Digital Innovation at the CIA. Any attribution investigations, Roche said, would also include offline information — the product of old fashioned, on-the-street intelligence gathering.

Like Joyce, Roche said he was speaking generally and could not comment on the DNC hack.

While U.S. officials have told news outlets anonymously they concur with Crowdstrike and other private cybersecurity firms who have pointed to Russian culpability, the U.S. government has declined to publicly blame the Russians.

The Russian government has said the hacking allegations are “absurd”.

Director of National Intelligence James Clapper told the audience at the Aspen Security Forum Thursday that the U.S. intelligence community was “not quite ready to make a call on attribution,” though he said there were “just a few usual suspects out there.” The next day CIA Director John Brennan said that attribution is “to be determined” and a lot of people were “jumping to conclusions.”

Professional hackers often use proxies, Brennan said, so investigators have to make two or three “hops” before tracing cyber attacks back to a state’s intelligence agency, which makes the attribution process more difficult.

Kenneth Geers, a former cyber analyst at the Pentagon who recently published a book about Russian cyber operations, told ABC News earlier this week that he didn’t necessarily doubt it was the Russians, but said that even in the best cases when doing cyber investigations, “You can have a preponderance of evidence — and in nation-state cases , that’s likely what you’ll have — but that’s all you’ll have.”

That, he said, opens the possibility, however remote, that a very clever hacker or hacking team could be framing the Russians.

Michael Buratowski, the senior vice president of cybersecurity services at Fidelis Cybersecurity which studied some of the malicious code, said the evidence pointing to the Russians was so convincing, “it would have had to have been a very elaborate scheme” for it really to have been anyone else.

The NSA’s Joyce said that in general it’s very difficult to properly frame someone for a comp lex attack, since too many details have to be exactly right, requiring a tremendous amount of expertise and precision.

But Joyce said that before the U.S. government pins blame on anyone for a cyber attack publicly, the evidence has to pass an “extremely high bar.”

So when they do come forward, he said, perhaps based on the results of attribution techniques that have not been publicly described, “You should bank on it.”

The U.S. has had a Russian Problem of Espionage for Decades

Posted on July 29, 2016July 29, 2016 by Denise Simon

What is terrifying and pathetic is the Obama White House and both Secretaries of State Hillary Clinton and John Kerry have been stooges of Putin….groveling for normalcy just as they have with the regime of Iran. This is an administration that is normalizing relations with all terror regimes across the globe that include North Korea, Cuba and Venezuela. Hillary said that Bashir al Assad of Syria was a reformer when 400,000 Syrians are dead and 4-5 million have left their homes. Then, we all remember that the Obama White House negotiated with Qatar to released 5 Taliban commanders in exchange for one Army deserter. Talks have been ongoing with the Taliban for years until just recently.

But back to Russia….before the hacking, to sway and or interfere with U.S. elections.

No one is admitting that Russian in cadence with WikiLeaks has hacked Hillary’s campaign systems, DCC and the DNC as well as other government systems. Why? Perhaps diplomacy due to talks continued talks with Iran and ending the civil war in Syria. Remember that ‘red-line’ on chemical weapons use.

So, let’s go back a way, like over a decade and up to just a couple of years ago when it came to Russian spies in the United States, shall we? This is for perspective and how the Obama administration including his National Security Council and the State Department continue to ‘omit’ history…

Espionage continues and tactics have not changed for Russia where cyber intrusions have replaced in country operatives, however a look at those operatives’ skills and missions must not be overlooked or dismissed.

Image result for russian spies caught

Let’s begin with Anna Chapman, the Russian spy.

DailyNews: Sultry former Russian secret agent Anna Chapman ended an exchange with NBC News almost before it began when she was pressed about her playful Twitter marriage proposal to NSA leaker Edward Snowden.

Here is the official criminal complaint and summary of how the FBI tracked her actions filed in 2010. The file also includes an additional spy Mikhail Sememko. This actually began in 1990….yes 1990.

But actually there were 8 more Russian spies and this is the criminal complaint for that case. What is fascinating here is the many stopovers in Latin America…..

The spying spree finally came to its end in the summer of 2014, when the trio were propositioned by a self-described investor who wanted to develop casinos in Russia. The scheme immediately drew red flags among the group, with Sporyshev offering that the proposal felt “like some sort of set-up.”
But despite his misgivings, Sporyshev didn’t stop Buryakov from meeting with the supposed investor, who was, in fact, an FBI informant.
For six hours on Aug. 28, Buryakov and the informant met in the anemic gambling metropolis Atlantic City. The informant, who claimed he had a well-placed source in the U.S. government, handed Buryakov documents that were labeled “Internal Treasury Use Only” and contained a list of Russians who were essentially blacklisted from doing business with the United States.
The valuable document earned the informant another meeting that day, when he offered Buryakov another official document that contained “a list of Russian banks… on which to impose sanctions,” according to the criminal complaint. More from DailyBeast.

Then there was a dead Russian, Mikhail Lesin. found in a hotel in Dupont Circle, Washington DC. A story that came and went real fast.

Image result for russian Mikhail Lesin

Mr. Lesin was a major figure in Russian media after the fall of the Soviet Union, first as an advertising executive and later as a top government official and media executive.

He had deep connections to the Russian state at the time Mr. Putin was reasserting his authority over the country’s rambunctious and freewheeling media. He was a crucial figure in that process, which began with the takeover of Russia’s first independent television channel, NTV, in the early 2000s, and was viewed with bitterness by many Russian journalists at that time.

He was Russian press minister between 1999 and 2004 — a time of increasing government pressure on independent journalists and media outlets in the country — and later served as a presidential adviser, spearheading the development of the government’s growing media and technology apparatus.

More recently, Mr. Lesin became head of Gazprom-Media, the country’s largest media holding company, in 2013, but resigned from that position in late 2014.

While still with the company in 2014, Mr. Lesin’s personal wealth attracted suspicion in the United States. Senator Roger Wicker, Republican of Mississippi, called for a Justice Department investigation, raising the possibility of corruption and money-laundering charges based on what he alleged were millions of dollars in assets, including $28 million worth of real estate in Los Angeles, controlled by the former civil servant. It is unclear whether such an investigation occurred. More here from the NewYorkTimes.

(Note, one of Trump’s top foreign policy advisors, Carter Page is deeply connected to Gazprom.)

(Note: Three former U.S. officials said that a trip Flynn took last December to Moscow—where he was filmed sitting at the head table next to Russian President Vladimir Putin during a formal dinner—set off alarms within military and intelligence circles over whether Flynn had notified the U.S. government about his foreign travel, as his security clearance requires.
The Defense Intelligence Agency spokesman said that Flynn had given the proper notices. But a current senior defense official said that word of Flynn’s travel didn’t reach the office of Defense Secretary Ash Carter, and that Pentagon brass were taken by surprise that he didn’t notify the department.
That he would be working with the Trump campaign or pushing for better U.S.-Russian relations, even as the two nations are battling each other on the behalf of proxy forces in Syria, was less surprising, the official said.
“He’s always been a bit of a wild card,” he concluded.
Another former senior U.S. intelligence official who knows Flynn said that he recently praised Trump as a “skilled negotiator” during a meeting of security leaders and experts in Washington. This person said the pair had become so close that, were Trump to win the presidency, he would likely nominate Flynn as the next Director of National Intelligence, the top intelligence official in the government. Via DailyBeast)