Durham’s Evidence of Hillary et al. and the Concocted RussiaGate

It was and for that matter still is an unconventional and unconditional war on a presidential candidate, a president and the American people. It should also be noted that Hillary did not invent the whole fake scandal but she did approve it and paid for it.

When former Attorney General William Barr gave testimony and said in summary that the Trump operation was SPIED on, he was right, and more right than we can understand. When Donald Trump said that his team was wire-tapped…while wire tapping is no longer the tactic used…he too was quite right.

This is a very confusing affair, but there are several key people who should be not only indicted but surely jailed. The BIG question is whether now-Attorney General Merrick Garland will allow prosecution as it should happen…

Remember Peter Strzok and Marc Elias? They both have given testimony to the Grand Jury. But where are Obama, Hillary, Biden, Brennan and Comey in the mix so far? There is nothing yet to report on those players…but there is hope. It is then we need to know and understand the relationship between the various agencies and the media that were willing accomplices. Biden and Sullivan are in the equation too…

Sit back and read on….maybe even take notes.

If you are a detail-oriented kind of person who wants to read the documents in full, go here and here.

EXCLUSIVE: Former Director of National Intelligence John Ratcliffe met with Special Counsel John Durham on more than one occasion and told him there was evidence in intelligence to support the indictments of “multiple people” in his investigation into the origins of the Trump-Russia probe, sources told Fox News.

Fox News first reported on Durham’s latest filing, which alleged that lawyers from Hillary Clinton‘s presidential campaign in 2016 had paid to “infiltrate” servers belonging to Trump Tower and later the White House, in order to establish an “inference” and “narrative” to bring to federal government agencies linking Donald Trump to Russia.

Fox News first reported in October 2020 that Ratcliffe provided nearly 1,000 pages of material to the Justice Department to support Durham’s investigation.

‘Enough evidence’

But sources told Fox News this week that during his meetings with Durham, Ratcliffe, who served as a congressman and as the former U.S. attorney for the Eastern District of Texas, said he believed there was “enough evidence” in those materials that he provided to indict “multiple people.”

The sources pointed to one key piece of declassified intelligence, which Fox News first reported in October 2020, revealing that intelligence community officials within the CIA forwarded an investigative referral on Hillary Clinton purportedly approving “a plan concerning U.S. presidential candidate Donald Trump and Russian hackers hampering U.S. elections” in order to distract the public from her email scandal to the FBI.

Sources told Fox News that the CIA memo, also known as a Counterintelligence Operational Lead (CIOL), was properly forwarded to the FBI, and to the attention of then-FBI Director James Comey and then-Deputy Assistant Director of Counterintelligence Peter Strzok.

Fox News first obtained the declassified memo in October 2020.

“The following information is provided for the exclusive use of your bureau for background investigative action or lead purposes as appropriate,” the 2016 CIA memo to Comey and Strzok stated.

“This memorandum contains sensitive information that could be source revealing. It should be handled with particular attention to compartmentation and need-to-know. To avoid the possible compromise of the source, any investigative action taken in response to the information below should be coordinated in advance with Chief Counterintelligence Mission Center, Legal,” the memo read. “It may not be used in any legal proceeding — including FISA applications — without prior approval …”

“Per FBI verbal request, CIA provides the below examples of information the CROSSFIRE HURRICANE fusion cell has gleaned to date,” the memo continued. “An exchange [REDACTED] discussing US presidential candidate Hillary Clinton’s approval of a plan concerning US presidential candidate Donald Trump and Russian hackers hampering US elections as a means of distracting the public from her use of a private email server.”

The memo was heavily redacted.

Concerns raised

A source familiar with the matter told Fox News that Ratcliffe, privately, has raised concerns that the CIOL was directed to Comey and Strzok.

Fox News, at this point, has not obtained evidence to suggest the FBI opened an investigation into Clinton’s plan per the CIA referral.

Meanwhile, Ratcliffe had also declassified documents that revealed former CIA Director John Brennan briefed then-President Obama on Hillary Clinton’s purported “plan” to tie then-candidate Trump to Russia as “a means of distracting the public from her use of a private email server” ahead of the 2016 presidential election.

“We’re getting additional insight into Russian activities from [REDACTED],” Brennan’s declassified notes, which were first obtained by Fox News in October 2020, read. “CITE [summarizing] alleged approved by Hillary Clinton a proposal from one of her foreign policy advisers to vilify Donald Trump by stirring up a scandal claiming interference by the Russian security service.”

Three indictments

At this point, Durham has indicted three people as part of his investigation: Igor Danchenko on Nov. 4, 2021, Kevin Clinesmith in August 2020, and Michael Sussmann in September 2021.

Ratcliffe told Fox News’ “Sunday Morning Futures” on Nov. 8, 2021, that he was expecting “many indictments” out of Durham’s special counsel investigation.

Danchenko was charged with making a false statement and is accused of lying to the FBI about the source of information that he provided to Christopher Steele for the anti-Trump dossier. Kevin Clinesmith was also charged with making a false statement. Clinesmith had been referred for potential prosecution by the Justice Department’s inspector general’s office, which conducted its own review of the Russia investigation.

Specifically, the inspector general accused Clinesmith, though not by name, of altering an email about Page to say that he was “not a source” for another government agency. Page has said he was a source for the CIA. The DOJ relied on that assertion as it submitted a third and final renewal application in 2017 to eavesdrop on Trump campaign aide Carter Page under the Foreign Intelligence Surveillance Act (FISA).

Durham also charged former Clinton campaign lawyer Michael Sussmann with making a false statement to a federal agent. Sussmann has pleaded not guilty.

The indictment against Sussmann says he told then-FBI General Counsel James Baker in September 2016, less than two months before the 2016 presidential election, that he was not doing work “for any client” when he requested and held a meeting in which he presented “purported data and ‘white papers’ that allegedly demonstrated a covert communications channel” between the Trump Organization and Alfa Bank, which has ties to the Kremlin.

Fox News, this weekend, first reported on Durham’s filing on Feb. 11. In a section titled “Factual Background,” Durham reveals that Sussmann “had assembled and conveyed the allegations to the FBI on behalf of at least two specific clients, including a technology executive (Tech Executive 1) at a U.S.-based internet company (Internet Company 1) and the Clinton campaign.”

Durham’s filing said Sussmann’s “billing records reflect” that he “repeatedly billed the Clinton Campaign for his work on the Russian Bank-1 allegations.”

The filing revealed that Sussmann and the Tech Executive had met and communicated with another law partner, who was serving as General Counsel to the Clinton campaign. Sources told Fox News that lawyer is Marc Elias, who worked at the law firm Perkins Coie.

Elias’s law firm, Perkins Coie, is the firm that the Democratic National Committee and the Clinton campaign funded the anti-Trump dossier through. The unverified dossier was authored by ex-British Intelligence agent Christopher Steele and commissioned by opposition research firm Fusion GPS.

‘Large amounts of Internet data’

Meanwhile, Durham’s latest filing states that in July 2016, the tech executive worked with Sussmann, a U.S. investigative firm retained by Law Firm 1 on behalf of the Clinton campaign, numerous cyber researchers and employees at multiple internet companies to “assemble the purported data and white papers.”

“In connection with these efforts, Tech Executive-1 exploited his access to non-public and/or proprietary Internet data,” the filing states. “Tech Executive-1 also enlisted the assistance of researchers at a U.S.-based university who were receiving and analyzing large amounts of Internet data in connection with a pending federal government cybersecurity research contract.”

“Tech Executive-1 tasked these researchers to mine Internet data to establish ‘an inference’ and ‘narrative’ tying then-candidate Trump to Russia,” Durham states. “In doing so, Tech Executive-1 indicated that he was seeking to please certain ‘VIPs,’ referring to individuals at Law Firm-1 and the Clinton campaign.”

Durham also writes that during Sussmann’s trial, the government will establish that among the Internet data Tech Executive-1 and his associates exploited was domain name system (DNS) internet traffic pertaining to “(i) a particular healthcare provider, (ii) Trump Tower, (iii) Donald Trump’s Central Park West apartment building, and (iv) the Executive Office of the President of the United States (EOP).”

Durham states that the internet company that Tech Executive-1 worked for “had come to access and maintain dedicated servers” for the Executive Office of the President as “part of a sensitive arrangement whereby it provided DNS resolution services to the EOP.”

“Tech Executive-1 and his associates exploited this arrangement by mining the EOP’s DNS traffic and other data for the purpose of gathering derogatory information about Donald Trump,” Durham states.

The filing also reveals that Sussmann provided “an updated set of allegations” including the Russian bank data, and additional allegations relating to Trump “to a second agency of the U.S. government” in 2017.

Durham says the allegations “relied, in part, on the purported DNS traffic” that Tech Executive-1 and others “had assembled pertaining to Trump Tower, Donald Trump’s New York City apartment building, the EOP, and the aforementioned healthcare provider.”

In Sussmann’s meeting with the second U.S. government agency, Durham says he “provided data which he claimed reflected purportedly suspicious DNS lookups by these entities of internet protocol (IP) addresses affiliated with a Russian mobile phone provider,” and claimed that the lookups “demonstrated Trump and/or his associates were using supposedly rare, Russian-made wireless phones in the vicinity of the White House and other locations.”

“The Special Counsel’s Office has identified no support for these allegations,” Durham wrote, adding that the “lookups were far from rare in the United States.”

“For example, the more complete data that Tech Executive-1 and his associates gathered–but did not provide to Agency 2–reflected that between approximately 2014 and 2017, there were a total of more than 3 million lookups of Russian Phone-Provider 1 IP addresses that originated with U.S.-based IP addresses,” Durham wrote. “Fewer than 1,000 of these lookups originated with IP addresses affiliated with Trump Tower.”

Durham added that data collected by Tech Executive-1 also found that lookups began as early as 2014, during the Obama administration and years before Trump took office, which he said, is “another fact which the allegations omitted.”

“In his meeting with Agency-2 employees, the defendant also made a substantially similar false statement as he made to the FBI General Counsel,” Durham wrote. “In particular, the defendant asserted that he was not representing a particular client in conveying the above allegations.”

“In truth and in fact, the defendant was representing Tech Executive-1–a fact the defendant subsequently acknowledged under oath in December 2017 testimony before Congress, without identifying the client by name,” Durham wrote.

Trump’s reaction

Former President Trump reacted to the filing on Saturday evening, saying Durham’s filing “provides indisputable evidence that my campaign and presidency were spied on by operatives paid by the Hillary Clinton Campaign in an effort to develop a completely fabricated connection to Russia.”

“This is a scandal far greater in scope and magnitude than Watergate and those who were involved in and knew about this spying operation should be subject to criminal prosecution,” Trump said. “In a stronger period of time in our country, this crime would have been punishable by death.”

Trump added: “In addition, reparations should be paid to those in our country who have been damaged by this.”

Former chief investigator of the Trump-Russia probe for the House Intelligence Committee under then-Rep. Devin Nunes, R-Calif., Kash Patel, said the filing “definitively shows that the Hillary Clinton campaign directly funded and ordered its lawyers at Perkins Coie to orchestrate a criminal enterprise to fabricate a connection between President Trump and Russia.”

“Per Durham, this arrangement was put in motion in July of 2016, meaning the Hillary Clinton campaign and her lawyers masterminded the most intricate and coordinated conspiracy against Trump when he was both a candidate and later President of the United States while simultaneously perpetuating the bogus Steele Dossier hoax,” Patel told Fox News, adding that the lawyers worked to “infiltrate” Trump Tower and White House servers.

Meanwhile, unearthed Hillary Clinton tweets from days before the 2016 presidential election show the candidate pushing now-debunked information that Donald Trump was using a “covert server” linking him to Russia.

Clinton, on Oct. 31, 2016, tweeted: “Computer scientists have apparently uncovered a covert server linking the Trump Organization to a Russian-based bank,” and shared a statement from her campaign’s senior policy advisor Jake Sullivan, who now serves as President Biden’s White House National Security advisor.

“This could be the most direct link yet between Donald Trump and Moscow,” Sullivan said in the October 2016 statement. “Computer scientists have uncovered a covert server linking the Trump Organization to a Russian-based bank.”

Sullivan said the “secret hotline may be the key to unlocking the mystery of Trump’s ties to Russia.”

“This line of communication may help explain Trump’s bizarre adoration of Vladimir Putin and endorsement of so many pro-Kremlin positions throughout this campaign,” he continued. “It raises even more troubling questions in light of Russia’s masterminding of hacking efforts that are clearly intended to hurt Hillary Clinton’s campaign.”

Sullivan added that they “can only assume federal authorities will now explore this direct connection between Trump and Russia as part of their existing probe into Russia’s meddling in our elections.”

A second Clinton tweet from that day stated it was “time for Trump to answer serious questions about his ties to Russia.”

Clinton tweeted an image that states that Trump had “a secret server” to “communicate privately with a Putin-tied Russian bank called Alfa Bank.”

 

China Has Full Loyalty of Much of America

It does not begin and end with zero consequences for China over all things pandemic…it is much, much worse. Consider all the items below and then apply critical thinking on why America is so subservient to the Chinese Communist Party.

The list is hardly complete but here is a good start:

  1. Dr. Fauci –> Source: Adam Hott, who works on the National Institutes of Health (NIH) Clinical Sequencing Evidence-Generating Research group, is also affiliated with the United States Heartland China Association (USHCA). He serves on the controversial group’s education committee, which seeks to “brings together resources in K12 and higher education to apply research, expertise, and new entrants to the workforce to US-China collaboration.”

    The unearthing of the United States Heartland China Association (USHCA) ties to Chinese foreign influence groups follow reports of Chinese Communist Party members and firms buying up American farmland, raising national security concerns among lawmakers.

    In addition to partnering with various branches of the Chinese regime, the USHCA also is “proudly working with” the China-United States Exchange Foundation (CUSEF).

    The organization is an integral component of the Chinese Communist Party’s “United Front,” an effort that seeks to “co-opt and neutralize sources of potential opposition to the policies and authority of its ruling Chinese Communist Party” and “influence foreign governments to take actions or adopt positions supportive of Beijing’s preferred policies,” according to the U.S. government.

  2. Then there is Hunter Biden and the whole Biden family. Source: A grand jury subpoena was issued 17 months before the 2020 election for Hunter Biden’s bank transactions involving the Bank of China, a corruption watchdog has found, raising concerns that damaging material about then-candidate Joe Biden was hidden from voters.

    The order sent by the Department of Justice to JP Morgan Chase bank asked for the records of any international financial transactions for the past five years involving Hunter, his uncle James Biden and former business partners Devon Archer and Eric Schwerin, according to federal documents.

    The anti-corruption nonprofit Marco Polo, founded by former Trump administration official Garrett Ziegler, obtained the filing, which targets the financial ties between the four men and the Bank of China.

    The subpoena was issued by Delaware’s US Attorney David Weiss on May 15, 2019. At the time, Hunter’s father, Joe Biden, was a presidential candidate.

  3. President Joe Biden meets virtually with Chinese President Xi Jinping from the Roosevelt Room of the White House in Washington, Nov. 15, 2021.
  4. Perhaps the worst of it all –> and it is a long one…sit back and process as you read it. Source: A new, comprehensive report by the Victims of Communism Memorial Foundation, titled “Corporate Complicity Scorecard,” reveals what these companies have traded away and how much their Faustian bargain with the CCP has endangered all of us.

    The report, produced jointly by VOC and Horizon Advisory, evaluates eight well-known American corporations — Amazon, Apple, Dell, Facebook, GE, Google, Intel, and Microsoft. It presents “broad-ranging assessments of the nature of American corporations’ involvement in China” based on a set of indicators, including compliance with Chinese data regimes and supply chain exposure to forced labor risk. The report assigns a letter grade between A to F to the companies, with Facebook and Google receiving the highest score of “B,” while GE, Intel, and Microsoft got the lowest score of “F.”

    According to the VOC report, these American companies’ complicity endangers everyone else for several reasons. It exposes U.S. industrial supply chains to China’s forced labor and other human rights atrocities. It empowers a strategic competitor while hollowing out U.S. industrial capacity. It also makes U.S. industry a conduit for the Chinese government’s vast information collection (i.e., surveillance programs). Lastly, it makes U.S. industry a channel for Chinese influence and propaganda abroad.

    All eight companies’ complicity is also endangering their long-term survival because through the “Made in China 2025” initiative, the Chinese government has been developing domestic competitors, intending to become “self-reliant” in strategically essential technologies. Shockingly, these American companies seem to fail to recognize that their technology transfers and billions of dollars in investment in China will end up creating their own eventual replacements in this market.

    Furthermore, some of these companies have engaged “in political lobbying in the U.S. in ways that ultimately serves Beijing’s interests while potentially undermining the values and principles that undergird the western democratic order.”

    Intel Gets an ‘F’

    Intel sent a letter earlier this year to suppliers advising them not to source from Xinjiang, without mentioning either forced labor or genocide committed by the CCP against Uyghur Muslims and other minorities in the region. Still, the company promptly apologized to China after its letter drew backlash from state media and Chinese nationalists.

    The VOC report provides insights into Intel’s engagement in China. The company has a prominent presence in the country, including 17 campuses, at least two production sites, and “a series of innovation and R&D centers across China.” The company has built extensive ties to Chinese government agencies. For instance, the company has partnered with the Chinese Academy of Sciences Institute of Automation (CASIA), a “core contributor to China’s military and military-civil fusion programs.”

    Intel also collaborated with China’s Ministry of Industry and Information (MIIT), a “leading state entity charged with implementing China’s military-civil fusion national strategy.” The report finds “Intel executives continue to engage with MIIT representatives in fields relevant to military-civil fusion, even as tensions between the US government and China escalate and risks posed by Beijing’s military-civil fusion strategy become more evident.”

    Intel’s partnership with Chinese companies is also problematic. The company is a long-time major supplier to Hikvision, a Chinese state-owned manufacturer and supplier of surveillance equipment. The two companies launched a comprehensive partnership in artificial intelligence in 2017.

    After the Trump administration added Hikvision to the U.S. Department of Commerce’s Entity List and barred it from buying restricted components from the United States in 2019, former Intel Chief Executive Officer Bob Swan reportedly vowed to use “Intel’s global operating capabilities to reduce the impact on customers.” Later that year, several U.S. technology firms, including Intel and Microsoft, issued a joint statement “calling for then-President Trump not to impose tariffs on Chinese laptops and tablets.”

    The VOC report also finds that “Intel technology was being used in surveillance systems in Xinjiang” and “Intel had invested in and provided technologies to a company embedded in Xinjiang and supported by the Chinese Ministry of Public Security.” Intel essentially plays a critical role in enabling the Chinese government to build a digital prison in Xinjiang and monitor every move by millions of Uyghur Muslims.

    Microsoft Also Gets an ‘F’

    Microsoft also received a grade of “F.” The VOC report finds that “Microsoft has a significant, and growing, network of innovation centers, data centers, joint laboratories, and other technology hubs in China. Many of these have been established in partnership with the Chinese government or government-tied entities.”

    For example, Microsoft has built at least 10 data centers in China, all operated by a local Chinese partner, 21Vianet. In compliance with China’s data security laws, all data collected at these centers are accessible to the Chinese government.

    Microsoft has also partnered with Chinese companies to tailor its products to meet the Chinese government’s needs. A 2021 report from Top10VPN found that many Chinese government surveillance and censorship organs “use Windows products in their security and surveillance systems.”

    Like Intel, Microsoft has established strategic cooperation agreements with Chinese companies that “the US government has identified as tied to the Chinese military or as an export restriction concern.” For example, one of Microsoft’s strategic partners is Dajing Innovations (DJI), a leader in civilian drones and imaging technology. The Trump administration put DJI on the Department of Commerce’s sanctioned Entity List in 2020. Microsoft has yet to sever its business ties with DJI.

    At least three Chinese suppliers of Microsoft were found to involve forced labor in Xinjiang. However, Microsoft has maintained business relationships with these suppliers. In addition, the company continues to invest in R&D in China “even as tensions between the US and China escalate—and Beijing’s technological ambitions have become broadly recognized as posing risks for global human rights and security.”

    Why GE Received an ‘F’

    GE is the third company that receives an “F.” Similar to Intel and Microsoft, GE’s many partnerships in China “appear to involve technology-sharing, including with core players in China’s military, military-civil fusion, and surveillance system. Those partnerships have also granted military-tied Chinese players positions of leverage in GE’s supply chains, critical to both America’s national security and its manufacturing base.”

    Since GE is also a key contractor for the U.S. Department of Defense, these partnerships and technology-sharing agreements are especially troubling.

    Losing Strategy

    The VOC report gave the other five companies slightly better scores than “F.” But make no mistake, all of these companies have similarly “supported Beijing’s military modernization, the surveillance state, and human rights violations in exchange for access to China’s market.”

    As the great power competition between the U.S. and China intensifies, corporations cannot pretend this is business as usual. Whether they like it or not, corporations are increasingly at the center of the Sino-U.S. geopolitical conflict. These American companies should never forget what made them successful in the first place.

    In the words of former Attorney General William Barr, American companies are beneficiaries of “the American free enterprise system, the rule of law, and the security afforded by America’s economic, technological, and military strength.” China’s authoritarian regime is not a “hospitable one for institutions that depend on free markets, free trade, or the free exchange of ideas,” Barr said.

    The VOC scorecard reminds these American companies that acquiescing to Beijing is a lose-lose strategy and will endanger all of us in the long run.

    Microsoft in China

    Back in 2007, Bill Gates told Fortune that he expected China to be Microsoft’s biggest market, “though it might take 10 years.” Those comments were made during a visit to Beijing when Gates was awarded an honorary degree from Tsinghua University and met with four members of China’s ruling Politburo.

Meanwhile, Microsoft Details the Russian Hack of Ukraine

The Windows maker’s Threat Intelligence Center (MSTIC) is tracking the cluster under the moniker ACTINIUM (previously as DEV-0157), sticking to its tradition of identifying nation-state activities by chemical element names.

The Ukrainian government, in November 2021, publicly attributed Gamaredon to the Russian Federal Security Service (FSB) and connected its operations to the FSB Office of Russia in the Republic of Crimea and the city of Sevastopol. Details.

***

The Gamaredon APT was first spotted in 2013 and in 2015, when researchers at LookingGlass shared the details of a cyber espionage operation tracked as Operation Armageddon, targeting other Ukrainian entities. Their “special attention” on Eastern European countries was also confirmed by CERT-UA, the Ukrainian Computer Emergency Response Team.

The discovered attack appears to be designed to lure military personnel: it leverages a legitimate document of the “State of the Armed Forces of Ukraine” dated 2 April 2019.

For this reason, Cybaze-Yoroi ZLAB team dissected this suspicious sample to confirm the possible link with Russian threat actors.

***

Several cyber experts outside government are reporting much the same as Microsoft, as noted here.

Source: While Gamaredon has mainly targeted Ukrainian officials and organizations in the past, the group attempted an attack on January 19 that aimed to compromise a Western government “entity” in Ukraine, researchers at Palo Alto Networks’ Unit 42 organization reported Thursday. Gamaredon leadership includes five Russian Federal Security Service officers, the Security Service of Ukraine said previously.

Microsoft threat researchers released their own findings on Gamaredon in the blog post today, disclosing that the group has been actively involved in malicious cyber activity in Ukraine since October 2021.

While the hacker group has been dubbed “Gamaredon” by Unit 42, Microsoft refers to the group by the name “Actinium.”

“In the last six months, MSTIC has observed ACTINIUM targeting organizations in Ukraine spanning government, military, non-government organizations (NGO), judiciary, law enforcement, and non-profit, with the primary intent of exfiltrating sensitive information, maintaining access, and using acquired access to move laterally into related organizations,” the threat researchers said in the post. “MSTIC has observed ACTINIUM operating out of Crimea with objectives consistent with cyber espionage.”

Evading detection

Tactics used frequently by the group include spear-phishing emails with malicious macro attachments, resulting in deployment of remote templates, the researchers said. By causing a document to load a remote document template with malicious code—the macros—this “ensures that malicious content is only loaded when required (for example, when the user opens the document),” Microsoft said.

“This helps attackers to evade static detections, for example, by systems that scan attachments for malicious content,” the researchers said. “Having the malicious macro hosted remotely also allows an attacker to control when and how the malicious component is delivered, further evading detection by preventing automated systems from obtaining and analyzing the malicious component.”
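A static scanner can still flag the reference itself, since the document has to name where its template lives. The following is an added defensive example, not code from Microsoft's post or the article: it assumes the standard OOXML layout, where an attached template appears as a relationship whose type ends in `/attachedTemplate` inside a `.rels` part, and the sample archives and host names are constructed.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
TEMPLATE_SUFFIX = "/attachedTemplate"   # same suffix in transitional and strict OOXML
MAX_RELS_BYTES = 1_000_000              # refuse to inflate oversized .rels parts


def is_remote_target(target):
    """True when a template target points off-host (web URL, UNC path, file://server)."""
    t = target.strip()
    if t.startswith("\\\\"):            # UNC path such as \\server\share\t.dotm
        return True
    try:
        parts = urlsplit(t)
    except ValueError:
        return True                     # malformed target: surface it for review
    scheme = parts.scheme.lower()
    if scheme in ("http", "https", "ftp"):
        return True
    if scheme == "file":                # file:///C:/... is local, file://server/... is not
        return parts.netloc.lower() not in ("", "localhost")
    return False


def find_remote_templates(docx_bytes):
    """Return [(rels_part, target)] for each externally hosted attached template."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        for info in zf.infolist():
            if not info.filename.lower().endswith(".rels"):
                continue
            if info.file_size > MAX_RELS_BYTES:
                findings.append((info.filename, "<oversized relationships part>"))
                continue
            try:
                # For untrusted files in production, prefer a hardened XML parser.
                root = ET.fromstring(zf.read(info))
            except ET.ParseError:
                findings.append((info.filename, "<unparseable relationships part>"))
                continue
            for rel in root.iter("{%s}Relationship" % REL_NS):
                is_template = rel.get("Type", "").endswith(TEMPLATE_SUFFIX)
                external = rel.get("TargetMode", "Internal").lower() == "external"
                target = rel.get("Target", "")
                if is_template and external and is_remote_target(target):
                    findings.append((info.filename, target))
    return findings


def build_sample_docx(template_target):
    """Constructed test input: a minimal archive with one template relationship.
    It is not a complete Word document, only enough structure for the scanner."""
    rels = (
        '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>'
        '<Relationships xmlns="%s">'
        '<Relationship Id="rId1" '
        'Type="http://schemas.openxmlformats.org/officeDocument/2006/'
        'relationships/attachedTemplate" Target="%s" TargetMode="External"/>'
        '</Relationships>' % (REL_NS, template_target)
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<document/>")
        zf.writestr("word/_rels/settings.xml.rels", rels)
    return buf.getvalue()


if __name__ == "__main__":
    samples = {
        "remote": "http://template-host.example/lure.dot",
        "local": "file:///C:/Users/analyst/AppData/Roaming/Microsoft/Templates/Normal.dotm",
    }
    for label, target in samples.items():
        print(label, find_remote_templates(build_sample_docx(target)))
```

A locally attached template is also stored with `TargetMode="External"`, which is why the check looks at where the target points rather than at the mode alone.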

The Microsoft researchers report that they’ve observed numerous email phishing lures used by Gamaredon, including those that impersonate legitimate organizations, “using benign attachments to establish trust and familiarity with the target.”

In terms of malware, Gamaredon uses a variety of different strains—the most “feature-rich” of which is Pterodo, according to Microsoft. The Pterodo malware family brings an “ability to evade detection and thwart analysis” through the use of a “dynamic Windows function hashing algorithm to map necessary API components, and an ‘on-demand’ scheme for decrypting needed data and freeing allocated heap space when used,” the researchers said.

Meanwhile, the PowerPunch malware used by the group is “an agile and evolving sequence of malicious code,” Microsoft said. Other malware families employed by Gamaredon include ObfuMerry, ObfuBerry, DilongTrash, DinoTrain, and DesertDown.

‘Very agile threat’

Gamaredon “quickly develops new obfuscated and lightweight capabilities to deploy more advanced malware later,” the Microsoft researchers said. “These are fast-moving targets with a high degree of variance.”

Payloads analyzed by the researchers show a major emphasis on obfuscated VBScript (Visual Basic Script), a Microsoft scripting language. “As an attack, this is not a novel approach, yet it continues to prove successful as antivirus solutions must consistently adapt to keep pace with a very agile threat,” the researchers said.

Unit 42 had reported Thursday that Gamaredon’s attempted attack against a western government organization in January involved a targeted phishing attempt.

Instead of emailing the malware downloader to their target, Gamaredon “leveraged a job search and employment service within Ukraine,” the Unit 42 researchers said. “In doing so, the actors searched for an active job posting, uploaded their downloader as a resume and submitted it through the job search platform to a Western government entity.”

Due to the “steps and precision delivery involved in this campaign, it appears this may have been a specific, deliberate attempt by Gamaredon to compromise this Western government organization,” Unit 42 said in its post.

Unit 42 has said it’s not identifying or further describing the western government entity that was targeted by Gamaredon.

No connection to ‘WhisperGate’ attacks

The attempted January 19 attack by Gamaredon came less than a week after more than 70 Ukrainian government websites were targeted with the new “WhisperGate” family of malware.

However, the threat actor responsible for those attacks appears to be separate from Gamaredon, the Microsoft researchers said in the post today. The Microsoft Threat Intelligence Center “has not found any indicators correlating these two actors or their operations,” the researchers said.

The U.S. Department of Homeland Security (DHS) last month suggested it’s possible that Russia might be eyeing a cyberattack against U.S. infrastructure, amid tensions between the countries over Ukraine.

Estimates suggest Russia has stationed more than 100,000 troops on the eastern border of Ukraine. On Wednesday, U.S. President Joe Biden approved sending an additional 3,000 U.S. troops to Eastern Europe.

 

Could it be that Europe has more Guts in Suing Google than the U.S.?

Shame on our Congress but more…shame on the Justice Department for dragging its feet when it comes to anti-trust cases against big tech, especially Google.

Google is big…really big but perhaps $2.4 billion will get their attention…and that is just Europe. But then again, maybe not as Google just announced the following:

Google has completed the latest phase of construction at its data center in Council Bluffs, Iowa, bringing its total investment in its Iowa campus to $5 billion.

A herd of deer outside the equipment yard of the Google data center campus in Council Bluffs, Iowa. (Photo: Google)

The investment milestone by Google is the latest data point on the extraordinary growth of the data center industry in Iowa, which is also home to Meta’s largest cloud campus and a massive build-out by Microsoft in West Des Moines. The Iowa cloud cluster shows the prominent role of the Midwest in cloud geography, providing a data distribution hub in the center of the United States.

***

Google-owner Alphabet faces a massive lawsuit in Europe.

It’s being sued by price-comparison firm PriceRunner for around $2.4 billion.

The Swedish company alleges the tech giant manipulated search results.

PriceRunner wants Google to pay compensation for profits it claims it has lost in the UK since 2008; and Sweden and Denmark since 2013.

A Google spokesperson said the company would defend the lawsuit in court.

It claimed changes made to shopping ads five years ago have worked successfully.

It also said PriceRunner chose not to use shopping ads on Google, so may not have seen the same successes as others.

But PriceRunner said it was ready to fight for years, with financing in place and steps prepared in the event it does not win.

In November Google lost an appeal against a fine of over $2.7 billion imposed by the European Commission in 2017.

It found that the search giant used its own price comparison shopping service to gain an unfair advantage over smaller European rivals.

The seven-year investigation came about due to complaints that Google distorted internet search results in favour of its own shopping service.

PriceRunner is currently in the process of being bought by payments firm Klarna.

***


Source: PriceRunner said Monday that it plans to take Google to court in Stockholm. It’s seeking compensation for damages in relation to a 2017 ruling from the European Commission that Google breached antitrust laws by giving preference to its own shopping comparison product, Google Shopping, through its popular search engine.

After a seven-year investigation into the practices, the EU executive body dealt Google a historic $2.7 billion fine. Google appealed the penalty, but in November 2021, the decision was upheld by the EU’s General Court. The verdict can still be appealed and taken to the EU’s highest court.

PriceRunner CEO Mikael Lindahl said the company launched its lawsuit following “extensive and thorough preparations.”

“We are of course seeking compensation for the damage Google has caused us during many years, but are also seeing this lawsuit as a fight for consumers who have suffered tremendously from Google’s infringement of the competition law for the past fourteen years and still today,” Lindahl said in a statement.

A Google spokesperson said the company looks forward to defending its case in court. The company made a number of changes in 2017 aimed at addressing the commission’s concerns.

“The changes we made to shopping ads back in 2017 are working successfully, generating growth and jobs for hundreds of comparison shopping services who operate more than 800 websites across Europe,” the spokesperson said in an emailed statement.

“The system is subject to intensive monitoring by the EU Commission and two sets of outside experts. PriceRunner chose not to use shopping ads on Google, so may not have seen the same successes that others have.”

PriceRunner alleges Google has not complied with the commission’s ruling and is still abusing its dominant position among internet search engines. It expects the final damages to be “significantly higher” than the interim sum of 2.1 billion euros.

The company, which in November agreed to be taken over by Swedish fintech firm Klarna, wants Google to pay compensation for profits it lost in the U.K. since 2008, and in Sweden and Denmark from 2013 onward.

Klarna spokeswoman Aoife Houlihan said the company was “aware and supportive of this suit.”

“It is fundamental that all tech companies no matter where they operate, compete on the basis of their own merit with the best product and service and then gain consumers’ trust,” Houlihan told CNBC.

“European consumers have been denied real choice in shopping services for many years and this is one step to ensuring this ends now.”

PriceRunner says it’s the largest independent price comparison service in the Nordic region, with over 3.7 million products to select from 22,500 stores across 25 different countries.

Eastern Europe under Extraordinary Threat from Russia

In part: Russia has been chipping away at the country since at least 2014, when the pro-Russian President of Ukraine, Viktor Yanukovych, lost an election, and Putin invaded the Crimea, the peninsula that sticks out into the Black Sea and separates it from the Sea of Azov to its northeast.

Stealth war

As part of Putin’s campaign, a war that isn’t quite a war, most authorities agree that Russian-based hackers mounted a cyberattack called NotPetya back in 2017.  It was aimed primarily at Ukrainian institutions, but it also affected thousands of other systems as well.  The White House later estimated that NotPetya caused about $10 billion worth of damage worldwide.

Now we come down to this week.  On January 15, dozens of Ukrainian government computer systems were infected with malware disguised as ransomware.  An infected computer displayed a demand for a certain ransom to be paid in Bitcoin, but what really happened is that the malware “renders the computer system inoperable,” ransom or no ransom.

Microsoft issued a statement saying that they observed these attacks aimed primarily at Ukrainian government agencies and closely-allied organisations, and that they had issued updates that will address the problems.  But in the meantime, the Ukraine is suffering yet another cyberattack which appears to be instigated by Russia, although no firm evidence of the source has yet been forthcoming.

***

The head of Ukraine’s defense intelligence agency told Military Times in November that Russia could launch an attack through Belarus.


Then there is the matter of Putin working to install a pro-Russian regime in Ukraine.

The UK Foreign, Commonwealth and Development Office (FCDO) named former Ukrainian MP Yevhen Murayev as a potential Kremlin candidate and once again warned Russia of “severe costs” of activities to subvert Ukraine.

“The information being released today shines light on the extent of Russian activity designed to subvert Ukraine, and is an insight into Kremlin’s thinking,” UK foreign secretary Liz Truss said in a statement on Saturday.

Russia rejects UK claim

Russia on Sunday rejected a British claim that Russia was seeking to replace Ukraine’s government with a pro-Moscow administration.

“The disinformation spread by the British Foreign Office is more evidence that it is the Nato countries, led by the Anglo-Saxons, who are escalating tensions around Ukraine,” Russian foreign ministry spokeswoman Maria Zakharova said on the Telegram messaging app on Sunday. “We call on the British Foreign Office to stop provocative activities, stop spreading nonsense.”

***

Some other disturbing details:

  1. The Russian Navy has announced planned gunnery and missile firing 160 nautical miles off Mizen Head. The exercises, from February 3rd to 8th, are just on the edge of the drop-off into deep water. It is also within Ireland’s Exclusive Economic Zone (EEZ). Coming at a time of heightened tension between Russia and the West, this highlights Ireland’s strategic position.

    Of all the world’s oceans, it is interesting that Russia selected this small area in the Irish EEZ. It is far from Russia’s operating bases and regular training areas. So the location seems chosen for strategic or political reasons.

  2. Germany is actively collaborating with Russian armed aggression against Ukraine. The Estonians will tell the Germans to go to hell and the rest of NATO will back Estonia against the Moscow-Berlin axis.
    The Molotov-Ribbentrop Pact is still in force. The Russian regime of state terrorism and the Putinversteher faction in Germany are allied to destroy the freedom and independence of Eastern Europe.
    Germany has no business being in NATO when it aggressively thwarts the principle of collective security on which the alliance was founded. Germany has gone full Soviet with the new Chancellor.
    Russian ally Germany refuses to permit Estonia to transfer artillery to Ukraine, giving a boost to the Russian army which is mobilized for an offensive.
  3. The U.S. has ordered all family members of its embassy in Ukraine to evacuate amid rising tensions of a possible Russian invasion of Ukraine. The U.S. State Department also said non-essential personnel could also leave the country at the U.S. government’s expense.

One more item. Since President Biden halted the United States from being energy independent which was achieved under President Trump, the United States no longer exports energy to Europe. In fact, conditions are so dire that the United States is actually buying dirty oil from Russia. Think of that. If Russia decides to punish the U.S. even more….you can bet the cost of gasoline at the pump will reach $8.00 to $10.00 a gallon.

Then there is the threat of the United States versus Russia in the Arctic and in Space…imagine escalating hostilities in those battle-spaces…

Meanwhile…Ukrainians are drilling for safety in fallout shelters.