Have you Heard of the FBI’s Trojan Shield Program?

New court records detail how the FBI turned encrypted phone company ‘Anom’ into a honeypot for organized crime.

Vice: For years the FBI has secretly run an encrypted communications app used by organized crime in order to surreptitiously collect its users’ messages and monitor criminals’ activity on a massive scale, according to a newly unsealed court document. In all, the elaborate operation netted more than 20 million messages from over 11,800 devices used by suspected criminals.

The news signals a major coup for law enforcement: ordinarily, agencies either shut down or crack messages on an already established service, such as Phantom Secure or Encrochat, two similar encrypted messaging networks. But in this case, the FBI took control of a communications company called ‘Anom’ in its infancy and turned that into a wide reaching honeypot, with the suspected criminal users instead coming to them.

“The FBI opened a new covert investigation, Operation Trojan Shield, which centered on exploiting Anom by inserting it into criminal networks and working with international partners, including the Australian Federal Police (“AFP”), to monitor the communications,” the unsealed court record reads, referring to Anom, the app at the center of the investigation. Seamus Hughes, a researcher at George Washington University, shared the document with Motherboard.

The AFP began going public with the contours of Anom Tuesday morning local time, and announced it had begun making arrests with data pulled from the honeypot.

In 2018, the FBI arrested Vincent Ramos, the CEO of Phantom Secure, which provided custom, privacy-focused devices to organized criminals. In the wake of that arrest, a confidential human source (CHS) who previously sold phones on behalf of Phantom and another firm called Sky Global, was developing their own encrypted communications product. This CHS then “offered this next generation device, named ‘Anom,’ to the FBI to use in ongoing and new investigations,” the court document reads. While criminals left Phantom, they flocked to other offerings. One of those was Anom; the FBI started what it called Operation Trojan Shield, in which it effectively operated a communications network targeted to criminals and intercepted messages running across it.

The FBI, AFP, and CHS built the Anom system in such a way that a master key silently attached itself to every message sent through the app, enabling “law enforcement to decrypt and store the message as it is transmitted,” the document reads.

“A user of Anom is unaware of this capability,” it adds.

But first the FBI and their source needed to establish Anom as an option in the criminal underworld. As Motherboard showed in a years-long investigation, using sources around Phantom as well as FBI files, Phantom was particularly popular in Australia. The CHS introduced Anom to his already trusted distributors of mobile devices, who were in turn trusted by criminal organizations, the document reads. Three people in Australia who had previously distributed Phantom, “seeing a huge payday,” agreed to then sell these Anom devices, the document adds. With this, “the FBI aimed to grow the use of Anom organically through these networks,” it reads.

A screenshot of the Anom site Motherboard took before Anom closed. Image: Motherboard.

Earlier on Monday before obtaining the court record, Motherboard reviewed Anom’s social media presence. The company’s Reddit account first announced the existence of the company two years ago, according to a since deleted but cached Reddit post that Motherboard found.

“Introducing Anom—a Ultra-Secure Mobile-Cell-Phone Messaging App for Android,” the announcement read. “Your Confidentiality, Assured. Software hardened against targeted surveillance and intrusion—Anom Secure. Keep Secrets Safe!”

Anom started to grow, with initially 50 devices distributed in Australia and the AFP able to monitor the phones. It was slow at first, but soon word of the new devices spread, with Anom gathering several hundred users a year later, the document continued.

A third country also got involved in the investigation, and provided the FBI with Anom user data three times a week.

“This data comprises the encrypted messages of all of the users of Anoms with a few exceptions (e.g., the messages of approximately 15 Anom users in the U.S. sent to any other Anom device are not reviewed by the FBI),” the document reads.

Anom had grown exponentially in size, stretching beyond its Australian beginnings to having over 10,000 devices in over 90 countries. Germany, the Netherlands, Spain, and Serbia were also popular, with over 300 distinct transnational criminal organizations (TCOs) using the devices, the document reads. When authorities closed down Sky, as Motherboard reported in March, Anom’s user base tripled.

More than 20 million messages have been obtained since October 2019. Messages include discussions around drug smuggling, corruption, and other high-level organized criminal activities. The document also includes direct quotes of messages from Anom users discussing cocaine shipments.

A series of messages included in the court document. Image: Motherboard.

“There is 2kg put inside french diplomatic sealed envelopes out of Bogotta [sic],” one message reads, referring to how the people are allegedly hiding shipments of cocaine.

“The Trojan Shield investigation has uncovered that Anom devices are used by TCOs to traffic drugs and launder the proceeds of those drug sales,” the document reads. “The distributors of these devices also obstruct justice by remotely wiping the content of devices when law enforcement seizes them. Additionally, the review of Anom messages has initiated numerous high-level public corruption cases in several countries. The most prominent distributors are currently being investigated by the FBI for participating in an enterprise which promotes international drug trafficking, money laundering, and obstruction of justice.”

A screenshot of a map showing what the FBI says is Anom’s spread around the world. Image: Motherboard.

Late Monday, the FBI said that it would be holding “a news conference announcing a massive worldwide takedown based on the San Diego FBI’s unprecedented investigation involving the interception of encrypted communications” on Tuesday.

The Phantom, Sky, and Encrochat operations showed that law enforcement may shut down or even hack into encrypted phone companies. But the Anom case shows that law enforcement will also go one step further: they will run such a network themselves. A previous DEA operation involved something similar but on a much smaller scale with BlackBerry devices.

“A goal of the Trojan Shield investigation is to shake the confidence in this entire industry because the FBI is willing and able to enter this space and monitor messages,” the document reads.

Biden’s Connection to no-bid Contract for Endeavor

Andrew Lorenzen-Strait landed his job at Endeavors (formerly Family Endeavors) in January straight off the Biden transition team following a stint with one regional Lutheran refugee contractor, and a little over six months at LIRS, the national organization.

He had spent years in the federal government, at ICE in fact, before hitting on this likely lucrative gig.

EXCLUSIVE: The Department of Homeland Security’s Inspector General’s office is evaluating a multi-million dollar contract awarded to a Texas company that employs a former Biden transition official, multiple sources with the probe confirm to Fox News.

A DHS IG official tells Fox News the contract, with the San Antonio-based nonprofit Endeavors, is the subject of an ongoing evaluation to look at how “ICE plans to house migrant families in hotels, and how ICE selected a contractor to implement these plans.” The formal title of the probe is “ICE’s Contract to House Migrants in Hotels.”

Tens of thousands of migrants are crossing the southern border every month, with nearly 180,000 encountered by Customs and Border Patrol along the Southwestern Border in April 2021.

Thousands of those migrants are now being housed in hotels, thanks to Endeavors. The company recently landed a couple of massive government contracts worth upwards of a half-billion dollars.

On January 20th, 2021, the very day President Joe Biden took the oath of office, Endeavors put out a news release announcing the hiring of Andrew Lorenzen-Strait, a former Immigrations and Customs Enforcement (ICE) official who also served as a Biden transition advisor on Homeland Security issues.

Less than two months after Lorenzen-Strait’s arrival, federal records show Endeavors entered into a no-bid contract with the Department of Health and Human Services for up to $579 million and another no-bid contract with Homeland Security for $87 million.

“This is a no-bid contract, and those should be used in only the most extraordinary circumstances,” said Tom Jones of the American Accountability Foundation, a conservative-leaning watchdog organization. “It’s typical and it’s terrible. Both sides do it. It’s why we have a massive budget deficit and a debt going through the roof…There’s scumminess and swampiness on both sides of this but we need to root that out.”

Endeavors declined to answer questions about the contracts but in a statement to Fox News called Lorenzen-Strait “a valued leader on the Endeavors team. He is a recognized expert in migrant child and family welfare who consulted with a variety of for-profit and nonprofit organizations after he left his career in federal government in May 2019”

Immigration and Customs Enforcement declined to answer our specific questions about the scope of its contract with Endeavors but wrote: “The border is not open, and individuals continue to be expelled under the Centers for Disease Control and Prevention’s (CDC) public health authority. The families that come into ICE custody will be housed in a manner consistent with legal requirements for the safety and well-being of children and their parents or guardians.”

The Republicans on the House Oversight Committee sent a letter to Health and Human Services Secretary Xavier Becerra over concerns about the no-bid nature of the contract, for Endeavors, which is sometimes referred to as Family Endeavors.

Drug Cartels 1 Biden Administration 0

Primer: Secretary of State Tony Blinken is traveling to Costa Rica to meet with several country leaders from Central America. It is said he will discuss regional issues including economic growth, the pandemic and climate change impacts. But wait, what about VP Kamala Harris, where is she? Furthermore, what about the issue of immigration, narcotics trafficking or human smuggling?

Meanwhile, the Biden administration is feckless when it comes to the real issues and solutions, especially the cartels….so read on.

MEXICO CITY (AP) — The notoriously violent Jalisco cartel has responded to Mexico’s “hugs, not bullets” policy with a policy of its own: The cartel kidnapped several members of an elite police force in the state of Guanajuato, tortured them to obtain names and addresses of fellow officers and is now hunting down and killing police at their homes, on their days off, in front of their families.

It is a type of direct attack on officers seldom seen outside of the most gang-plagued nations of Central America and poses the most direct challenge yet to President Andrés Manuel López Obrador’s policy of avoiding violence and rejecting any war on the cartels.

But the cartel has already declared war on the government, aiming to eradicate an elite state force known as the Tactical Group which the gang accuses of treating its members unfairly.

“If you want war, you’ll get a war. We have already shown that we know where you are. We are coming for all of you,” reads a professionally printed banner signed by the cartel and hung on a building in Guanajuato in May. Read more here.

***

Organized crime involving even the police is an integral part of the worsening immigration crisis. Criminal organizations are involved at every stage of the migration process, from motivating migrant departures for the United States to security along human smuggling routes through Mexico, to the mechanisms for entering the United States undetected.

There are two kinds of criminal groups at work here — transnational gangs and transnational criminal organizations. The brutal violence and unchecked extortion perpetrated by transnational gangs in the Northern Triangle (the nations of El Salvador, Honduras and Guatemala), targeting both civilian populations and rival gang members, motivate Central Americans to uproot their lives and families in the hope of a better, safer life in America.

Transnational criminal organizations control, regulate, and tax every land port along the southern border. They also control smuggling routes through Mexico and impose a tax, called a piso, on the smugglers and migrants who use them. These groups control the flow of migrant caravans, strategically diverting Border Patrol resources from sectors of the border that are used to smuggle illegal drugs into the United States.

For those who choose to leave the Northern Triangle for a better life in America, the escape from territory controlled by transnational gangs leads them into territory controlled by the transnational criminal organizations.

In most cases, they use coyotes — human smugglers and traffickers who charge them thousands of dollars. Human smugglers range from independent operators and loose networks to subsidiaries of the transnational criminal organizations themselves.

Beyond what migrants pay up front, as the Associated Press reports, many are kidnapped and tortured “until they reveal the phone numbers of relatives in the United States and holding them for ransom.”

If they can’t pay — or if their families can’t — they’re killed. As one analyst points out, “It’s a long trail of extortions, and it’s a very dangerous journey for all of them.”

The groups also sometimes use migrants as drug mules. They will coerce migrants traveling through their territory into carrying large bags, or mochilas, filled with illegal drugs. Not only does this perpetuate the stream of narcotics into the U.S., it also victimizes migrants, making them desperate to unlawfully enter and remain in the U.S. — even if imprisoned on drug charges — for fear of being killed if they are sent home.

The bottom line is that throwing open our borders — as President Biden has effectively done — only serves to empower these transnational criminal enterprises. His immigration policies aren’t humanitarian; they’re creating more victims.

Hunter Flew out of Joint Base Andrews 23 Times

And yet daddy never knew about his business adventures nor asked about them? C’mon man…so many unknown unknowns about this cat and the whole family…

Breitbart:

Rep. Devin Nunes (R-CA), the ranking member of the House Permanent Select Committee on Intelligence (HPSCI), told Breitbart News that revelations in a new book that President Joe Biden’s son Hunter Biden took more than 20 trips through Joint Base Andrews are more proof of “utter corruption” of establishment media.

“The revelation of Hunter Biden’s trips through Joint Base Andrews is further proof of the corporate media’s utter corruption and blinding partisanship,” Nunes told Breitbart News exclusively on Sunday. “They dismissed, ridiculed, and censored reporting on Hunter’s obvious conflicts of interest for the sole purpose of helping Joe Biden’s election prospects. The corporate media has fully merged with the Democratic Party, and their reporting is indistinguishable from crude Democrat talking points.”

Nunes’s comments on this matter come after revelations about Hunter Biden’s travel practices, when his father was vice president to former President Barack Obama, were published Saturday from the new book Breaking the News: Exposing the Establishment Media’s Secret Deals and Hidden Corruption. In particular, the book—from Breitbart News Editor-in-Chief Alex Marlow—revealed Secret Service travel records that showed Hunter Biden took 411 trips, including to 29 foreign countries and 23 trips through Joint Base Andrews, from 2009 to 2014. During that time, his father—now the president of the United States—was vice president of the United States.

The reason why the Joint Base Andrews trips are important is because that is the home of Air Force One and Air Force Two. On Saturday, Breitbart News published a piece from Marlow adapted from the book that further explained the significance of the revelations:

Despite this evidence that there was not an “absolute wall” between Hunter and Joe when it comes to business endeavors, the establishment press has shown little interest in exploring whether Hunter was actually leveraging his father’s power to enrich himself. In fact, quite the contrary. The New York Times, for example, published a story in 2020 portraying Hunter as a skilled artist who was mastering painting. The article, headlined “There’s a New Artist in Town. The Name Is Biden,” un-ironically featured glossy photographs of a relaxed and polished Hunter Biden working away in his studio.

The American public has been told consistently that Hunter Biden is as pure as the driven snow. Joe Biden called his son “the smartest guy I know.” Dr. Jill Biden (Ed.D.) and Joe both expressed confidence that Hunter had done nothing wrong. And, of course, Joe said he thought it was all Russian disinformation. And of course, Facebook and Twitter famously censored bombshell reporting by the New York Post on Hunter Biden that has not been proven to be “Russian” or “disinfo.”

The fact that Hunter Biden flew through Joint Base Andrews during the Obama administration more than twenty times–and to nearly 30 countries on 411 total trips, per Secret Service records–seems to contradict claims that Joe Biden made when he was running for president in 2019. “I have never spoken to my son about his overseas business dealings,” Biden said on the campaign trail in Iowa in the summer of 2019. “Here’s what I know. Trump should be investigated.”

Biden then added specific instructions for the establishment media–which dutifully obliged his not-so-subtle demand that the media instead investigate his opponent then-President Donald Trump instead of his son Hunter.

“You should be looking at Trump,” Biden told the media in Des Moines when he arrived at the annual Democrat fundraiser the Polk County Steak Fry. “He’s doing this because he knows I’ll beat him like a drum. And he’s using an abuse of power and every element of the presidency to try to smear me … Ask the right questions.”

After that, most of the establishment media followed Biden’s orders and completely ignored the hard evidence that proves the Biden narrative about Hunter Biden is untrue. Many questions remain unanswered about exactly where Hunter Biden was going, with whom he was meeting, why he was using an American military base for trips, what he was doing on these trips, and more. Those questions remain unanswered in large part because of the fact the establishment media have ignored, by and large, the Hunter Biden matter for years.

Nunes weighing in on the matter, though, is a sign that top Republicans have begun wising up to these facts about establishment media outlets. He was a critical figure in Congress during the Trump administration when it came to fighting back against fake narratives such as the Russia collusion hoax claims, and later the push to impeach Trump the first time over his call with Ukraine’s president—which was, of course, a central point in the whole Hunter Biden narrative given that it was all about corruption concerns with the now-president’s son and shady business dealings in the eastern European nation.

 

CNA Financial reportedly paid $40 million due to Ransomware Demand

CNA is the seventh largest commercial insurer in the United States as of 2018. CNA provides property and casualty insurance products and services for businesses and professionals in the U.S., Canada, Europe and Asia.

CNA itself is 90% owned by a holding company, Loews Corporation. This holding company also has interests in offshore oil and gas drilling rigs, natural gas transmission pipelines, oil and gas exploration, hotel operations and package manufacturing.

CNA Financial, one of the largest US insurance companies, paid $40 million to free itself from a ransomware attack that occurred in March, according to a report from Bloomberg. The hackers reportedly demanded $60 million when negotiations started about a week after some of CNA’s systems were encrypted, and the insurance company paid the lower sum a week later.

If the $40 million figure is accurate, CNA’s payout would rank as one of the highest ransomware payouts that we know about, though that’s not for lack of trying by hackers: both Apple and Acer had data that was compromised in separate $50 million ransomware demands earlier this year. It also seems like the hackers are looking for bigger payouts: just this week we saw reports that Colonial Pipeline paid a $4.4 million ransom to hackers. While that number isn’t as staggering as the demands made to CNA, it’s still much higher than the estimated average enterprise ransomware demand in 2020.

Law enforcement agencies recommend against paying ransoms, saying that payouts will encourage hackers to keep asking for higher and higher sums. For its part, CNA told Bloomberg that it wouldn’t comment on the ransom, but that it had “followed all laws, regulations, and published guidance, including OFAC’s 2020 ransomware guidance, in its handling of this matter.” In an update from May 12, CNA says that it believes its policyholders’ data were unaffected.

According to Bloomberg, the ransomware that locked CNA’s systems was Phoenix Locker, a derivative of another piece of malware called Hades. Hades was allegedly created by a Russian group with the Mr. Robot-esque name Evil Corp.

***

Ransomware Attack Payment

Ransomware attack payments are rarely disclosed. According to Palo Alto Networks, the average payment in 2020 was $312,493, a 171% increase from the payments that companies made in 2019.

The $40 million payment made by CNA Financial is bigger than any previously disclosed payments to hackers, The Verge reported.

Disclosure of the payment is likely to draw the ire of lawmakers and regulators that are already unhappy that companies from the United States are making large payouts to criminal hackers who, over the last year, have targeted hospitals, drug makers, police forces, and other entities that are critical to public safety.

The FBI discourages organizations from paying ransom because it encourages additional attacks and does not guarantee that data will be returned.

Ransomware is a type of malware that encrypts the data of the victim. Cybercriminals using ransomware usually steal the data too. The hackers, then, ask for a payment to unlock the files and promise not to leak stolen data. In recent years, hackers have been targeting victims with cyber insurance policies and huge volumes of sensitive consumer data that make them more likely to pay a ransom.

Last year was a banner year for ransomware groups, with security experts and law enforcement agencies estimating that victims paid about $350 million in ransom. The cybercriminals took advantage of the pandemic, a time when hospitals, medical companies, and insurance companies were the busiest.

As per Bloomberg’s report, CNA Financial initially ignored the hackers’ demands while pursuing options to recover their files without engaging with the criminals. However, within a week, the company decided to start negotiations with the hackers, who were demanding $60 million.

Payment was made a week later.

The ransomware cyberattack interrupted the company’s employee and customer services for three days as the firm closed down “out of an abundance of caution” to prevent further damage. Certain CNA systems were impacted, including corporate email.