Grid Hacking Tool Found, Have a Generator Yet?

Researchers Found a Hacking Tool that Targets Energy Grids on the Dark Web

Motherboard: A sophisticated piece of government-made malware, designed to do reconnaissance on energy grid’s system ahead of an eventual cyberattack on critical infrastructure, was found on a dark web hacking forum.

Cybersecurity researchers usually catch samples of malicious software like spyware or viruses when a victim who’s using their software, such as an antivirus, gets infected. But at times, they find those samples somewhere else. Such was the case for Furtim, a newly discovered malware, caught recently by researchers from the security firm SentinelOne.

SentinelOne’s researchers believe the malware was created by a team of hackers working for a government, likely from eastern Europe, according to a report published on Tuesday.

Hacking forums, of course, are home to a lot of malicious data and software. But they are usually not places where sophisticated government-made hacking tools get exchanged.

Udi Shamir, chief security officer at SentinelOne, said that it’s normal to find reused code and malware on forums because “nobody tries to reinvent the wheel again and again and again.” But in this case, “it was very surprising to see such a sophisticated sample” appear in hacking forums, he told Motherboard in a phone interview.

“This was not the work of a kid. […] It was cyberespionage at its best.”

Shamir said that the malware, dubbed Furtim, was “clearly not” made by cybercriminals to make some money but for government spying operations.

Furtim is a “dropper tool,” a platform that infects a machine and then serves as a first step to launch further attacks. It was designed to target specifically European energy companies using Windows, was released in May, and is still active, according to SentinelOne.

Another interesting characteristic is that Furtim actively tries to avoid dozens of common antivirus products, as well as sandboxes and virtual machines, in an attempt to evade detection and stay hidden as long as possible. The goal is “to remove any antivirus software that is installed on the system and drop its final payload,” SentinelOne’s report reads.

Security experts believe that critical infrastructure, such as the energy grid, is highly vulnerable to cyberattacks, and believe a future conflict might start with taking down the power using malware. While it might sound far-fetched, at the end of last year, hackers believed to be working for the Russian government caused a blackout in parts of Ukraine after gaining access to the power grid using malware.

It’s unclear who’s behind this cyberespionage operation, but Shamir said it’s likely a government from Eastern Europe, with a lot of resources and skills. The malware’s developers were very familiar with Windows; they knew it “to the bone,” according to him.

“This was not the work of a kid,” he said. “It was cyberespionage at its best.”

****

The dropper’s principal mission is to avoid detection; it will not execute if it senses it’s being run in a virtualized environment such as a sandbox, and it also can bypass antivirus protection running on compromised machines.

The sample also includes a pair of privilege escalation exploits for patched Windows vulnerabilities (CVE-2014-4113 and CVE-2015-1701), as well as a bypass for Windows User Account Control (UAC), which limits user privileges.

“It escalates privileges after all these checks and registers a hidden binary that it drops onto the hard drive that runs early in the boot process,” SentinelOne senior security researcher Joseph Landry said. “It will go through and systematically remove any AV on the machine that it targets. Then it drops another payload to the Windows directory and runs it during login time.” More from ThreatPost
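The behaviour described above (a hidden binary registered to run early in the boot process, then a second payload run at login) is exactly the kind of autostart surface a defender can baseline and diff. The following Python script is an added example, not code from SentinelOne, ThreatPost or the original post: it parses a Windows registry export (.reg), decodes the REG_MULTI_SZ `BootExecute` value under the Session Manager key, and flags any BootExecute or Run-key entry that is not on a known-good allow-list. The page does not say which registry location Furtim uses, so treating `BootExecute` as the early-boot hook and the `Run` key as the logon hook is an assumption; the sample export, the `svchst.exe` entries and the allow-lists are constructed for illustration.

```python
"""Flag unexpected early-boot and logon autostart entries in a .reg export.
Added example (assumption: BootExecute = early-boot hook, Run key = logon hook)."""
import re

# Constructed sample .reg export, not a real capture. A REG_MULTI_SZ value is
# written as hex(7): comma-separated UTF-16LE bytes, NUL-separated strings,
# continued across lines with a trailing backslash.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"BootExecute"=hex(7):61,00,75,00,74,00,6f,00,63,00,68,00,65,00,63,00,6b,00,20,00,\
  61,00,75,00,74,00,6f,00,63,00,68,00,6b,00,20,00,2a,00,00,00,73,00,76,00,63,00,\
  68,00,73,00,74,00,2e,00,65,00,78,00,65,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"="C:\\Program Files\\Windows Defender\\MSASCuiL.exe"
"Updater"="C:\\Windows\\svchst.exe"
'''

BOOT_EXECUTE_KEY = r'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager'
RUN_KEY = r'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

# Stock Windows ships a single BootExecute entry that runs autochk at boot.
BASELINE_BOOT_EXECUTE = {'autocheck autochk *'}
# Per-host allow-list of expected Run values (constructed for this example).
BASELINE_RUN = {'SecurityHealth'}


def parse_reg(text):
    """Return {key_path: {value_name: value}} for REG_SZ and hex(7) values.

    REG_SZ values come back as str, hex(7) (REG_MULTI_SZ) values as a list
    of str. Other value types are kept as their raw text.
    """
    # Join hex continuation lines: "...,\" + newline + indentation.
    text = re.sub(r',\\\r?\n\s*', ',', text)
    entries = {}
    current = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith('[') and line.endswith(']'):
            current = line[1:-1]
            entries[current] = {}
        elif current and line.startswith('"'):
            name, _, raw = line.partition('=')
            name = name.strip('"')
            if raw.startswith('hex(7):'):
                data = bytes.fromhex(raw[len('hex(7):'):].replace(',', ''))
                # NUL-separated strings; drop the empty terminators.
                value = [s for s in data.decode('utf-16-le').split('\x00') if s]
            elif raw.startswith('"') and raw.endswith('"'):
                # .reg escapes backslash and quote with a backslash.
                value = raw[1:-1].replace('\\\\', '\\').replace('\\"', '"')
            else:
                value = raw
            entries[current][name] = value
    return entries


def find_unexpected_autostarts(reg_text):
    """Return [(location, detail)] for entries outside the baselines."""
    entries = parse_reg(reg_text)
    findings = []
    for item in entries.get(BOOT_EXECUTE_KEY, {}).get('BootExecute', []):
        if item not in BASELINE_BOOT_EXECUTE:
            findings.append(('BootExecute', item))
    for name, cmd in entries.get(RUN_KEY, {}).items():
        if name not in BASELINE_RUN:
            findings.append(('Run', f'{name} -> {cmd}'))
    return findings


if __name__ == '__main__':
    for location, detail in find_unexpected_autostarts(SAMPLE_REG):
        print(f'[!] unexpected {location} entry: {detail}')
```

On a real host the input would come from `reg export` of the two keys (run as an administrator); the point of the allow-list approach is that a boot-time or logon autostart added by a dropper shows up as a diff against the baseline regardless of what the binary is named.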

Light the White House in Blue for Law Enforcement? Nah

Does anyone remember directly after the Supreme Court decision on legalizing same sex marriage? Does anyone remember the White House lighted in rainbow colors in celebration for all the world to see?

The White House on Friday night is splashed with rainbow-colored lights to celebrate a Supreme Court ruling that legalized same-sex marriage around the country.

The light display capped a day of jubilation over the decision at the executive mansion. President Obama hailed the ruling Friday morning, saying in the Rose Garden justice has arrived “like a thunderbolt” for gay and lesbian couples.

“Today, we can say in no uncertain terms that we have made our union a little more perfect,” Obama said.

Before that, the president tweeted using the hashtag “#LoveWins.” The White House account changed its logo to an image of the White House seal covered in rainbow colors, bearing a resemblance to the actual building’s appearance Friday evening. The Hill

Obama said the police acted stupidly when they arrested Professor Henry Gates at his own home. Obama’s position on the matter was that the cop was racist, and at the time the shamed White House ‘green czar’, Van Jones, also responded that Obama was forced to sit with a racist cop. It all started with the ‘beer summit’; since then, Barack Obama and his entire administration have been in a battle against everything that law enforcement across the country stands for and does.

So… what is the White House ignoring today with regard to the Dallas terror attack, in which 12 people were shot and 5 police officers killed? Well, the White House refuses to shine blue lights in solidarity with law enforcement. Shameful.

The Federal Law Enforcement Officers Association (F.L.E.O.A.) Foundation announced its request that President Obama honor the ultimate sacrifice of our fallen Dallas police heroes by illuminating the White House in blue. The request occurred on Friday. It has not happened.

Police Magazine reports that FLEOA Foundation President Jon Adler issued the following statement:

“While we appreciate the President’s proclamation to have our flag flown at half-mast in honor of our fallen Dallas police heroes, I respectfully request that he demonstrate his full respect for their ultimate sacrifice by illuminating the White House in blue. Actions speak louder than scripted words, and the honorable act of displaying law enforcement’s ‘Thin Blue Line’ at the White House would demonstrate the President’s sincere commitment to our fallen heroes and their families.” More from LawOfficer

In real pain from 3rd degree burns from an accident, Texas Governor Greg Abbott stopped treatment to return to Dallas in the wake of the terror attack. He was on vacation in Jackson Hole, Wyoming, and upon returning ordered the Governor’s mansion to be lit in blue as a heartfelt gesture of unity with law enforcement.

Then there is a petition on the White House website to declare Black Lives Matter a terror organization and rightly so.

A White House petition to formally recognize the Black Lives Matter movement as a terrorist organization garnered its one-hundred-thousandth signature Monday afternoon, the minimum threshold for earning a response from the administration.

“Terrorism is defined as the use of violence and intimidation in pursuit of political aims,” writes the petition’s author. “This definition is the same definition used to declare ISIS and other groups as terrorist organizations.” LawOfficer

Click here to sign the petition and demonstrate unity with law enforcement, our only defense across the homeland.

Facebook Faces $1 Billion Lawsuit, Aids Terror

Privacy is one thing, but offering encrypted platforms with no oversight for terror communications is quite another. Since at least 2014, Islamic State, al Qaeda and al Nusra have all used Facebook and other social media platforms, and Twitter in particular has been uncooperative with security and investigation officials fighting against terrorist exploitation. Is it really a 1st Amendment protection when communications are generated by declared enemy combatants? Then there are the New Black Panthers and Black Lives Matter. The debate continues.

Due mostly to Edward Snowden revealing abilities of the United States to capture intelligence of terror networks, global terrorists have successfully sought other platforms.

Some popular social media platforms are seeing a drop in use by terror groups, yet there are countless others replacing them including apps like Telegram and WhatsApp. Islamic State has a robust program on these apps for their sex trade.

Facebook began rolling out a new end-to-end encryption feature on Friday called “secret conversations” with the goal of making users feel more comfortable chatting about sensitive subjects in the app.

“We’ve heard from you that there are times when you want additional safeguards — perhaps when discussing private information like an illness or a health issue with trusted friends and family, or sending financial information to an accountant,” the company said in a release announcing the new feature.

With the new feature, Facebook Messenger’s 900 million users can choose to encrypt specific conversations so that the messages can only be read on one specific device. Facebook is also giving users the option to determine how long each message can be read for. More from CNN

Families of Victims of Hamas Terror Sue Facebook for $1 Billion

PJMedia: Facebook is being hit with a $1 billion lawsuit after allegedly allowing the Palestinian terrorist group Hamas to use its platform to plot attacks in Israel and the West Bank that killed and wounded Americans. According to Bloomberg News: “Plaintiffs include the families of Yaakov Naftali Fraenkel, a 16-year-old abducted and murdered in June 2014 after hitching a ride in the West Bank, and 3-year-old Chaya Braun, whose stroller was struck intentionally by a Palestinian driver in October 2014 at a train station in Jerusalem.”

“Facebook has knowingly provided material support and resources to Hamas in the form of Facebook’s online social network platform and communication services,” making it liable for the violence against the five Americans, according to the lawsuit sent to Bloomberg by the office of the Israeli lawyer on the case, Nitsana Darshan-Leitner. “Simply put, Hamas uses Facebook as a tool for engaging in terrorism,” it said.

Hamas is considered a terrorist organization by the U.S., European Union and Israel. The suit said the group used Facebook to share operational and tactical information with members and followers, posting notices of upcoming demonstrations, road closures, Israeli military actions and instructions to operatives to carry out the attacks.

Mushir al-Masri, a senior Hamas leader, said by phone that “suing Facebook clearly shows the American policy of fighting freedom of the press and expression” and is evidence of U.S. prejudice against the group and “its just cause.”

It’s not at all clear that Facebook CEO Mark Zuckerberg — an influential Obama ally — would disagree with al-Masri. It’s not clear that the president would either.

While Hamas has been designated a foreign terrorist organization by the U.S. Department of State since 1997, President Obama and his national security team seem to have a far more favorable view of them. Rather than reject the Hamas and Palestinian Authority unity government that was formed in 2014, the Obama administration continued to fund it to the tune of $500 million a year.

This alarmed American lawmakers so much that 88 senators from across party lines sent a message of “grave concern” to the White House, warning that the new PA unity effort might jeopardize direct negotiations with Israel. “Any assistance should only be provided when we have confidence that this new government is in full compliance with the restrictions contained in current law,” the letter read. More here.

Former DHS Official Explains Islamic Infiltration and the Agency

I personally sat in this conference call with several others… it was chilling.

Words and symbols have meaning when it comes to the Islamic world. The Islamic Caliphate has a foothold in America going back decades.

YOU MUST SIT STILL FOR THIS VIDEO SESSION.

Inside this conference call, Mr. Haney referred to the Words Matter Memo of 2008. Here is that memo.

This site wrote about Tablighi Jamaat directly after the San Bernardino terror attack.

TABLE 1 – The Six Principles of the Tablighi Jamaat

Kalimah: An article of faith in which the tabligh accepts that there is no god but Allah and the Prophet Muhammad is His messenger.

Salaat: Five daily prayers that are essential to spiritual elevation, piety, and a life free from the ills of the material world.

Ilm and Dhikr: The knowledge and remembrance of Allah conducted in sessions in which the congregation listens to preaching by the emir, performs prayers, recites the Quran and reads Hadith. The congregation will also use these sessions to eat meals together, thus fostering a sense of community and identity.

Ikram-i-Muslim: The treatment of fellow Muslims with honor and deference.

Ikhlas-i-Niyat: Reforming one’s life in supplication to Allah by performing every human action for the sake of Allah and toward the goal of self-transformation.

Tafrigh-i-Waqt: The sparing of time to live a life based on faith and learning its virtues, following in the footsteps of the Prophet, and taking His message door-to-door for the sake of faith.

*A Simple Message: Tablighi Jamaat’s simple message is comprised of six basic principles formulated by Muhammad Ilyas in 1934 (See TABLE 1). With its easily understood literature, the organization reaches a wide population, varying in education and knowledge of Islam. Eschewing abstract debates on doctrine, the group focuses on the need to reform the individual spirit.
*Distance from Politics: While some current and former Tablighis occupy government posts in South Asia, the Tablighi Jamaat asserts an avowedly apolitical stance. Rather than seeking to improve the well-being of society as a whole, the group focuses on transforming the individual. Borreguero argued that this approach allows the group to remain adaptable to diverse socio-political contexts and has facilitated its expansion. By remaining apolitical (unlike the Muslim Brotherhood), the Tablighi Jamaat avoids political confrontation, allowing it to exist in countries from Latin America to Africa to the Middle East without fear of proscription. However, Borreguero emphasized that this does not completely separate the movement from political authority: some members of Tablighi Jamaat have held government positions in Pakistan and Bangladesh, and the group tends to keep close and peaceful ties with governments in South Asia.
*Respect for Authority: Tablighi Jamaat respects political authority, perhaps because the group itself is hierarchical in nature and emphasizes the authority of group elders.
*Absolute Secrecy: An important key to the group’s transnational appeal is the near absolute secrecy with which it operates. Very little is known about the group’s inner workings because it does not hold official records of its membership and leadership ranks, nor does it keep formal financial books or minutes of shura decision-making. Other than Muhammad Ilyas’ “Six Principles” there is no other overarching doctrine to which the group adheres. According to Borreguero, maintaining secrecy stems not from a concern that authorities will uncover any nefarious dealings within the movement. Instead, it is ostensibly a shield against charismatic personalities creating internecine squabbles and splinter factions. More here.

Yet the most terrifying organization, as described by Mr. Haney in this video, is The Assembly of Muslim Jurists of America. While we fret over the turn of our Supreme Court, this Islamic group changes all law enforcement culture in America, lower courts and education through indoctrination.

Assembly of Muslim Jurists of America

*****

“See Something, Say Nothing” author Phil Haney reveals the
shocking truth about Muslim Brotherhood infiltration into the U.S. and how they are being aided and abetted by our government. Includes powerpoint and Q&A session following the presentation.

Another Gitmo Detainee Released to Italy

So, while Obama is finishing his trip to Poland and Spain, the homeland is under attack by Black Lives Matter and The New Black Panthers, and we mourn the death of law enforcement… the Department of Defense was busy otherwise.

They released Fayiz Ahmad Yahia Suleiman to Italy.

Captured at Arab Brigade on the front lines in Afghanistan. Detainee received basic militant training at al-Qaida’s al-Faruq Training Camp and advanced training in poisons at al-Qaida’s Tarnak Farm Training Camp. Detainee is reported to be a veteran of the Bosnian Jihad and a close associate of former Bosnian commander and al-Qaida operative Abu Zubayr al-Haili. JTFGTMO determined this detainee to be:

  • A HIGH risk, as he is likely to pose a threat to the US, its interests, and allies
  • A HIGH threat from a detention perspective
  • Of HIGH intelligence value

Read his full jacket and history here.

As directed by the president’s Jan. 22, 2009, executive order, the interagency Guantanamo Review Task Force conducted a comprehensive review of this case. As a result of that review, which examined a number of factors, including security issues, Suleiman was unanimously approved for transfer by the six departments and agencies comprising the task force.

In accordance with statutory requirements, the secretary of defense informed Congress of the United States’ intent to transfer this individual and of the secretary’s determination that this transfer meets the statutory standard.

The United States is grateful to the Government of Italy for its humanitarian gesture and willingness to support ongoing U.S. efforts to close the Guantanamo Bay detention facility. The United States coordinated with the Government of Italy to ensure this transfer took place consistent with appropriate security and humane treatment measures.

Today, 78 detainees remain at Guantanamo Bay.

So who is Fayiz Ahmad Yahia Suleiman?

Fayiz Ahmad Yahia Suleiman is a citizen of Yemen currently held in the Guantanamo Bay detention camps, in Cuba, after being classified as an enemy combatant by the United States.[1] American intelligence analysts estimate Suleiman was born in 1974 in Jeddah, Saudi Arabia, and the Department of Defense assigned him the Internment Serial Number 153.

As of September 2010 Fayiz Ahmad Yahia Suleiman has been confined in the Guantanamo detention camps without charge for eight years eight months.[2]

A Summary of Evidence memo was prepared for Fayiz Ahmad Yahia Suleiman’s Combatant Status Review Tribunal, on October 12, 2004.[3][4] The memo listed the following allegations against him:

a. The detainee is associated with al Qaida and the Taliban:

  1. Originally from Jeddah, Saudi Arabia,[5] the detainee traveled to Jalalabad, Afghanistan via Hudaida, Yemen; Sana, Yemen; Dubai, United Arab Emirates; Karachi, Pakistan; Quetta, Pakistan; and Kabul, Afghanistan.
  2. The detainee worked for a suspected al Qaida operative in Jeddah, Saudi Arabia.
  3. The detainee trained in Khandahar, Afghanistan to make poisons.
  4. Two of the detainee’s aliases are listed in a document recovered from a safehouse raid associated with suspected al Qaida members in Karachi, Pakistan.

b. The detainee participated in military operations against the United States and its coalition partners:

  1. The detainee was a member of an Arab fighting group against the Northern Alliance in Talaqoun.
  2. The detainee was a nurse at Talaquon while fighting the Northern Alliance and was at Tora Bora before trying to cross the border into Pakistan.
  3. The detainee was arrested in December 2001, by Pakistani authorities attempting to cross the border from Afghanistan with other Arabs.

First annual Administrative Review Board

A Summary of Evidence memo was prepared for Fayiz Ahmad Yahia Suleiman’s first annual Administrative Review Board, on 27 May 2005.[7] The memo listed factors for and against his continued detention.

There is no record that Fayiz Ahmad Yahia Suleiman participated in this Board hearing.

Second annual Administrative Review Board

A Summary of Evidence memo was prepared for Fayiz Ahmad Yahia Suleiman’s second annual Administrative Review Board, on 8 August 2006.[8] The memo listed factors for and against his continued detention.

There is no record that Fayiz Ahmad Yahia Suleiman participated in this Board hearing.

References

  1. List of prisoners (.pdf), US Department of Defense, May 15, 2006.
  2. Fayiz Ahmad Yahia Suleiman – The Guantánamo Docket, The New York Times.
  3. Summary of Evidence for Combatant Status Review Tribunal — Suleiman, Fayiz Ahmad Yahia, OARDEC, October 12, 2004.
  4. OARDEC (October 12, 2004). “Summary of Evidence for Combatant Status Review Tribunal — Suleiman, Fayiz Ahmad Yahia”. United States Department of Defense, pp. 53–54. http://www.dod.mil/pubs/foi/detainees/csrt_arb/000101-000200.pdf#53. Retrieved 2007-12-04.
  5. When this memo was first released in March 2005, “Jeddah, Saudi Arabia” was redacted.
  6. Review process unprecedented, Spc Timothy Book, March 10, 2006.
  7. OARDEC (27 May 2005). “Unclassified Summary of Evidence for Administrative Review Board in the case of Suleiman, Fayiz Ahmad Yahia”. United States Department of Defense, pp. 77–78. http://www.dod.mil/pubs/foi/detainees/csrt_arb/ARB_Round_1_Factors_000099-000196.pdf#77. Retrieved 2007-12-04.
  8. OARDEC (8 August 2006). “Unclassified Summary of Evidence for Administrative Review Board in the case of”. United States Department of Defense, pp. 26–28. http://www.dod.mil/pubs/foi/detainees/csrt_arb/ARB_Round_2_Factors_200-298.pdf#26. Retrieved 2007-12-04.