$30 Million in Grants for Kits of Crack, Cocaine and Meth, no Really

Update –> There is a BIG mess going on in DC about how ‘crack pipes’ are part of the ‘safe smoking kits’….HHS Secretary and the White House are saying that crack pipes are not included in the distribution…yeah okay…but hold on fact checkers….upon doing more checking seems our own government was funding a crack pipe study in Mexico….you know that Dr. Fauci agency….now we may know where this all started.

This is the page regarding the crack pipe study we paid for in 2019 in Mexico. 

This is the screenshot in case it goes away…giggles: 

When government becomes an illicit drug distributor….a bridge too far?

Source: In the name of harm reduction, the substance abuse arm of the Health and Human Services Agency will begin providing funds to help distribute “safe smoking kits” for the consumption of various illicit drugs like crack cocaine and crystal meth.

The Substance Abuse and Mental Health Services Agency (SAMHSA) has allocated roughly $30 million for a Harm Reduction Program Grant, which includes funding for syringe exchange programs, the opioid reversal drug naloxone, test kits to detect fentanyl and “safe smoking kits/supplies,” among other more traditional measures, like HIV testing and safer sex resources.

A grant program funded by the Biden administration will furnish syringes and “safe smoking kits” among other items as a means to advancing equity.

The deadline for the $30 million program is Monday, with the Department of Health and Human Services distributing funds to nonprofit groups and local governments. Among the items the grant will pay for are syringes and “safe smoking kits/supplies.” The kits will allow users to smoke crack cocaine, crystal methamphetamine, and other illicit substances. source

*** Per the Drug Enforcement Agency (DEA) website, the top paragraph reads –>

Drug Enforcement Administration

The Drug Enforcement Administration enforces the United States’ controlled substance laws and regulations and aims to reduce the supply of and demand for such substances.

Support for drug demand reduction and prevention programs through educational and other campaigns and initiatives including the Red Ribbon Campaign, National Takeback Day, Operation Engage and One Pill Can Kill.

How does the Department of Justice of which the DEA is the authority square with this exactly? We now have local, state and the Federal governments contributing to the drug epidemic problem plaguing the whole country. Policymakers are just nuts and exactly how is this objective contributing to a positive outcome?

Article continues (…)


Harm reduction efforts, like testing for infectious diseases, needle exchanges and naloxone distribution programs, are nothing new, but providing federal taxpayer funds for paraphernalia used to smoke drugs is.



An HHS spokesperson reportedly confirmed to The Washington Free Beacon these “safe smoking kits” will provide pipes for the consumption of “any illicit substance” to reduce the risk of infection, which can potentially occur through cuts and sores.

Seattle previously distributed meth pipes to residents in 2015, according to Reuters, but it’s reportedly hard to tell the benefit such a program can have.

“It is plausible the intervention could be effective,” said Matthew Golden, a Seattle and King County disease control official and a University of Washington medical professor, when the program was launched. “It’s simply an unstudied idea.”

One nonprofit said it had conducted research which determined meth users would be less likely to inject the drug if given access to pipes, but there is little evidence to back up such a claim, Reuters reported.

San Francisco has handed out crack pipes as well, according to local reporting, where allegedly an estimated 25,000 people actively inject drugs.

The SAMHSA grant’s $30 million will be spread across three years, and the money will be prioritized for “underserved communities that are greatly impacted by substance use disorder (SUD).”

Other measures funded by the grant include harm reduction vending machines – including the contents to stock them, infectious disease test kits and medicines, vaccination services and wound care supplies.

The National Desk reached out to SAMHSA to see if the “safe smoking kits” will also be available at harm reduction vending machines across the country but did not receive an immediate response in time for publication. This story will be updated if a response is obtained.

Terminate Germany’s Membership in NATO, Consider Georgia and Finland

Defense Minister Annegret Kramp-Karrenbauer said Germany would spend 2% of its economic output on defense by 2031, belatedly reaching the goal set by NATO leaders at a 2014 summit, months after Russia’s annexation of Ukraine’s Crimea peninsula.

“NATO is and will remain the anchor of European security. But it is also clear that Europe must increase its own complementary ability to act,” Kramp-Karrenbauer told a private event to honor NATO Secretary-General Jens Stoltenberg on Wednesday night.

“This starts with the defense budget. We need (to spend) 1.5% by 2024 and 2% by 2031 at the latest,” she said.

***

Germany has prohibited Estonia from shipping weapons to Ukraine. Is Germany agreeable to a Russia/Ukraine military conflict and the destruction of a country’s sovereignty while casualties and refugees are likely? Think about that. Did Germany ever criticize Russia for the poison deaths of those living in the U.S. and in Britain? How about when Russia shot down a commercial airliner killing all the passengers? What about the countless times Russia threatens allied naval vessels or buzzes military aircraft in sovereign airspace? We also cannot overlook Russian hackers when they struck Ukraine several times. Hello Germany…you out there?

Putin Targets Germany, NATO's Weakest Link - by Peter Rough source

Meanwhile, beginning with Chancellor Merkel and now with Olaf Scholz, Germany has gone more rogue if that is possible which means they are ‘all-in’ with Russia mostly due to needing energy. Under Merkel, Germany is terminating nuclear power as an energy resource and is going in with natural gas and bio-mass along with on shore and off shore wind. Fully going green including solar. Germany's Russia problem: Ukraine crisis tests new government | Financial Times source

Meanwhile, remember a few years ago when Germany took in millions of Syrian refugees? Germany has been facing a labor shortage for many years so rather than crafting a domestic policy for the good of Germans, it was decided that refugees and migrants were the solution and this is not a new phenomenon as it began years before with Turks. An aging workforce and a low birthrate caused Germany to go outside the country to get workers. Audi and Mercedes considered this move to be an economic miracle but while some of that has been positive, the larger picture tells another story. Language skills, education, work ethics, bureaucracy, culture and training have been a bigger problem.

Oh….exactly what countries are the best customers for German cars? Yup….Russia and especially China….go figure. That Chinese human rights violation of the million Uighurs in prison and working in slave conditions is not exclusive to China by the way….as German companies profit from exploiting Uighur slave labor. Ever heard of Hugo Boss or Aldi? Yup and then there are American companies doing much the same…such as Nike or Puma, Amazon and Abercrombie and Fitch. Details here.

For more details on the raw truths go here.

Germany’s economic condition relies fully on raw materials from foreign countries and its supply chain is much worse than most of Europe or the United States…for this reason, we see how Germany side-steps the NATO doctrine while a few other countries including Finland and Georgia would be good replacements if they meet the fundamental requirements, perhaps even Bosnia and Herzegovina and least of all Ukraine.

Fundamental NATO membership includes the following:

NATO membership is potentially open to all of Europe’s emerging democracies that share the alliance’s values and are ready to meet the obligations of membership.

There is no checklist for membership.

Candidates for membership must meet the following five requirements:

–New members must uphold democracy, including tolerating diversity.

–New members must be making progress toward a market economy.

–Their military forces must be under firm civilian control.

–They must be good neighbors and respect sovereignty outside their borders.

–They must be working toward compatibility with NATO forces.

Again, while these criteria are essential, they do not constitute a checklist leading automatically to NATO membership.

New members must be invited by a consensus of current members.

Decisions to invite new members must take into account the required ratification process in the member states. In the case of the United States, decisions are made in consultation with Congress.

China Has Full Loyalty of Much of America

It does not begin and end with zero consequence of China for all things pandemic….it is much much worse. Consider all the items below and then apply critical thinking on why America is so subservient to the Chinese Communist Party.

The list is hardly complete but here is a good start:

  1. Dr. Fauci –>Source: Adam Hott, who works on the National Institutes of Health (NIH) Clinical Sequencing Evidence-Generating Research group, is also affiliated with the United States Heartland China Association (USHCA). He serves on the controversial group’s education committee, which seeks to “brings together resources in K12 and higher education to apply research, expertise, and new entrants to the workforce to US-China collaboration.”

    The unearthing of the United States Heartland China Association (USHCA) ties to Chinese foreign influence groups follows reports of Chinese Communist Party members and firms buying up American farmland, raising national security concerns among lawmakers.

    In addition to partnering with various branches of the Chinese regime, the USHCA also is “proudly working with” the China-United States Exchange Foundation (CUSEF).

    The organization is an integral component of the Chinese Communist Party’s “United Front,” an effort that seeks to “co-opt and neutralize sources of potential opposition to the policies and authority of its ruling Chinese Communist Party” and “influence foreign governments to take actions or adopt positions supportive of Beijing’s preferred policies,” according to the U.S. government.

  2. Then there is Hunter Biden and the whole Biden family. Source: A grand jury subpoena was issued 17 months before the 2020 election for Hunter Biden’s bank transactions involving the Bank of China, a corruption watchdog has found, raising concerns that damaging material about then-candidate Joe Biden was hidden from voters.

    The order sent by the Department of Justice to JP Morgan Chase bank asked for the records of any international financial transactions for the past five years involving Hunter, his uncle James Biden and former business partners Devon Archer and Eric Schwerin, according to federal documents.

    The anti-corruption nonprofit Marco Polo, founded by former Trump administration official Garrett Ziegler, obtained the filing, which targets the financial ties between the four men and the Bank of China.

    The subpoena was issued by Delaware’s US Attorney David Weiss on May 15, 2019. At the time, Hunter’s father, Joe Biden, was a presidential candidate.

  3. President Joe Biden meets virtually with Chinese President Xi Jinping from the Roosevelt Room of the White House in Washington, Nov. 15, 2021. source
  4. Perhaps the worst of it all –> and it is a long one…sit back and process as you read it. Source: A new, comprehensive report by the Victims of Communism Memorial Foundation, titled “Corporate Complicity Scorecard,” reveals what these companies have traded away and how much their Faustian bargain with the CCP has endangered all of us. The report, produced jointly by VOC and Horizon Advisory, evaluates eight well-known American corporations — Amazon, Apple, Dell, Facebook, GE, Google, Intel, and Microsoft. It presents “broad-ranging assessments of the nature of American corporations’ involvement in China” based on a set of indicators, including compliance with Chinese data regimes and supply chain exposure to forced labor risk. The report assigns a letter grade between A to F to the companies, with Facebook and Google receiving the highest score of “B,” while GE, Intel, and Microsoft got the lowest score of “F.”

    According to the VOC report, these American companies’ complicity endangers everyone else for several reasons. It exposes U.S. industrial supply chains to China’s forced labor and other human rights atrocities. It empowers a strategic competitor while hollowing out U.S. industrial capacity. It also makes U.S. industry a conduit for the Chinese government’s vast information collection (i.e., surveillance programs). Lastly, it makes U.S. industry a channel for Chinese influence and propaganda abroad.

    All eight companies’ complicity is also endangering their long-term survival because through the “Made in China 2025” initiative, the Chinese government has been developing domestic competitors, intending to become “self-reliant” in strategically essential technologies. Shockingly, these American companies seem to fail to recognize that their technology transfers and billions of dollar investment in China will end up creating their own eventual replacements in this market.

    Furthermore, some of these companies have engaged “in political lobbying in the U.S. in ways that ultimately serves Beijing’s interests while potentially undermining the values and principles that undergird the western democratic order.”

    Intel Gets an ‘F’

    Intel sent a letter earlier this year to suppliers advising them not to source from Xinjiang, without mentioning either forced labor or genocide committed by the CCP against Uyghur Muslims and other minorities in the region. Still, the company promptly apologized to China after its letter drew backlash from state media and Chinese nationalists.

    The VOC report provides insights into Intel’s engagement in China. The company has a prominent presence in the country, including 17 campuses, at least two production sites, and “a series of innovation and R&D centers across China.” The company has built extensive ties to Chinese government agencies. For instance, the company has partnered with the Chinese Academy of Sciences Institute of Automation (CASIA), a “core contributor to China’s military and military-civil fusion programs.”

    Intel also collaborated with China’s Ministry of Industry and Information (MIIT), a “leading state entity charged with implementing China’s military-civil fusion national strategy.” The report finds “Intel executives continue to engage with MIIT representatives in fields relevant to military-civil fusion, even as tensions between the US government and China escalate and risks posed by Beijing’s military-civil fusion strategy become more evident.”

    Intel’s partnership with Chinese companies is also problematic. The company is a long-time major supplier to Hikvision, a Chinese state-owned manufacturer and supplier of surveillance equipment. The two companies launched a comprehensive partnership in artificial intelligence in 2017.

    After the Trump administration added Hikvision to the U.S. Department of Commerce’s Entity List and barred it from buying restricted components from the United States in 2019, former Intel Chief Executive Officer Bob Swan reportedly vowed to use “Intel’s global operating capabilities to reduce the impact on customers.” Later that year, several U.S. technology firms, including Intel and Microsoft, issued a joint statement “calling for then-President Trump not to impose tariffs on Chinese laptops and tablets.”

    The VOC report also finds that “Intel technology was being used in surveillance systems in Xinjiang” and “Intel had invested in and provided technologies to a company embedded in Xinjiang and supported by the Chinese Ministry of Public Security.” Intel essentially plays a critical role in enabling the Chinese government to build a digital prison in Xinjiang and monitor every move by millions of Uyghur Muslims.

    Microsoft Also Gets an ‘F’

    Microsoft also received a grade of “F.” The VOC report finds that “Microsoft has a significant, and growing, network of innovation centers, data centers, joint laboratories, and other technology hubs in China. Many of these have been established in partnership with the Chinese government or government-tied entities.”

    For example, Microsoft has built at least 10 data centers in China, all operated by a local Chinese partner, 21Vianet. In compliance with China’s data security laws, all data collected at these centers are accessible to the Chinese government.

    Microsoft has also partnered with Chinese companies to tailor its products to meet the Chinese government’s needs. A 2021 report from Top10VPN found that many Chinese government surveillance and censorship organs “use Windows products in their security and surveillance systems.”

    Like Intel, Microsoft has established strategic cooperation agreements with Chinese companies that “the US government has identified as tied to the Chinese military or as an export restriction concern.” For example, one of Microsoft’s strategic partners is Dajing Innovations (DJI), a leader in civilian drones and imaging technology. The Trump administration put DJI on the Department of Commerce’s sanctioned Entity List in 2020. Microsoft has yet to sever its business ties with DJI.

    At least three Chinese suppliers of Microsoft were found to involve forced labor in Xinjiang. However, Microsoft has maintained business relationships with these suppliers. In addition, the company continues to invest in R&D in China “even as tensions between the US and China escalate—and Beijing’s technological ambitions have become broadly recognized as posing risks for global human rights and security.”

    Why GE Received an ‘F’

    GE is the third company that receives an “F.” Similar to Intel and Microsoft, GE’s many partnerships in China “appear to involve technology-sharing, including with core players in China’s military, military-civil fusion, and surveillance system. Those partnerships have also granted military-tied Chinese players positions of leverage in GE’s supply chains, critical to both America’s national security and its manufacturing base.”

    Since GE is also a key contractor for the U.S. Department of Defense, these partnerships and technology-sharing agreements are especially troubling.

    Losing Strategy

    The VOC report gave the other five companies slightly better scores than “F.” But make no mistake, all of these companies have similarly “supported Beijing’s military modernization, the surveillance state, and human rights violations in exchange for access to China’s market.”

    As the great power competition between the U.S. and China intensifies, corporations cannot pretend this is business as usual. Whether they like it or not, corporations are increasingly at the center of the Sino-U.S. geopolitical conflict. These American companies should never forget what made them successful in the first place.

    In the words of former Attorney General William Barr, American companies are beneficiaries of “the American free enterprise system, the rule of law, and the security afforded by America’s economic, technological, and military strength.” China’s authoritarian regime is not a “hospitable one for institutions that depend on free markets, free trade, or the free exchange of ideas,” Barr said.

    The VOC scorecard reminds these American companies that acquiescing to Beijing is a lose-lose strategy and will endanger all of us in the long run.

    Microsoft in China

    Back in 2007, Bill Gates told Fortune that he expected China to be Microsoft’s biggest market, “though it might take 10 years.” Those comments were made during a visit to Beijing when Gates was awarded an honorary degree from Tsinghua University and met with four members of China’s ruling Politburo. More detail

The Great Lockdown Lie

It is almost being admitted by the CDC and the Biden administration that Covid and Omicron are over. Hospital vacancy is in a good place and those affected by any type of variant are being treated by countless therapeutics with recorded success. Meanwhile, the lockdown and mask policies across the country are finally being evaluated and rightly so. But the mainstream media just refuses to publish new truths and statistics.

NR: The authors of a new paper on the impact of Covid-19 lockdown measures may also have to go into hiding, for revealing their true impact on everyday people. The paper from Johns Hopkins University, “A Literature Review and Meta-Analysis of the Effects of Lockdowns on COVID-19 Mortality,” compares several dozen studies of the impact of lockdown measures in the early part of the pandemic. The authors conclude that “lockdowns have had little or no effect on COVID-19 mortality.” This review of basically all the relevant studies demolishes the elites’ entire justification for ruinous lockdowns.

The authors, hailing from Denmark, Sweden, and the U.S. (the American, Steve Hanke, is a contributor to this publication) sifted through thousands of studies to focus on 34 that met their search criteria, looking at lockdowns all around the world. They then compared the data and conclusions.

The paper starts by noting that “an often cited model simulation study by researchers at the Imperial College London (Ferguson et al. (2020)) predicted that a suppression strategy based on a lockdown would reduce COVID-19 mortality by up to 98%.” The Imperial College simulation was among the sources used by public-health authorities to justify the earliest lockdowns. It turned out to be more than 98 percent wrong.

According to the authors, the most-precise studies found no statistically significant effect of lockdowns on mortality. Looking at the 24 studies from which excess mortality rates could be calculated in comparison to a standardized metric for severity of lockdowns, the authors estimated that severe lockdowns may have reduced Covid-19 mortality by perhaps 2 percent. That amounts to perhaps 1/20th the number of people who die from the flu every year, and to save people from the flu, our public-health authorities resort to little beyond facilitating the provision of flu shots.

But on further investigation, the impact appears to have been even smaller than that. “Indeed, according to stringency index studies, lockdowns in Europe and the United States reduced only COVID-19 mortality by 0.2% on average.” In summary, “Based on the stringency index studies, we find little to no evidence that mandated lockdowns in Europe and the United States had a noticeable effect on COVID-19 mortality rates.”

Some studies actually found that lockdowns increased Covid-19 mortality, particularly in the case of the most severe “shelter in place” lockdowns: “Although this appears to be counterintuitive, it could be the result of an (asymptomatic) infected person being isolated at home under a [shelter-in-place order] can infect family members with a higher viral load causing more severe illness.”

According to some studies, lockdowns that limit gatherings may have increased Covid-19 mortality by as much as 1.6 percent. The authors speculate that because lockdowns limited peoples’ access to safe outdoor places where they could gather without masks, the lockdowns pushed people to meet at less-safe (indoor) places privately. “Indeed, we do find some evidence that limiting gatherings was counterproductive and increased COVID-19 mortality.”

The authors found similar results for mask mandates, though the relevant studies were more contradictory, likely due to small sample sizes. (The study reviews lockdowns in the early pandemic, when mask mandates were not uniformly adopted). The much richer data set from other airborne influenzas found that “wearing a mask probably makes little or no difference to the outcome of laboratory-confirmed influenza compared to not wearing a mask.”

The authors did find that “only business closure consistently shows evidence of a negative relationship with COVID-19 mortality, but the variation in the estimated effect is large. Three studies find little to no effect, and three find large effects.” Moreover, the most effective business closures appear to be bar closures.

One of the study’s more depressing findings is that lockdowns appear to have been heavily driven by intergovernmental peer pressure. “In short,” the authors note, “it is not the severity of the pandemic that drives the adoption of lockdowns, but rather the propensity to copy policies initiated by neighboring countries.”

Further, the review uncovered a significant disconnect between the data and the conclusions drawn in several papers. “We base our interpretations solely on the empirical estimates and not on the authors’ own interpretation of their results,” the authors write.

Where the authors found significant impact on mortality was in people changing their own behavior as a result of relevant information about risks and mitigation. “What Bjork et al. (2021) find is that information and signaling is far more important than the strictness of the lockdown.” Milton Friedman must be smiling up above. According to the authors, “it should be clear that one important role for government authorities is to provide information so that citizens can voluntarily respond to the pandemic in a way that mitigates their exposure.”

The paper’s conclusion should close the book on all the lockdowns:

The use of lockdowns is a unique feature of the COVID-19 pandemic. Lockdowns have not been used to such a large extent during any of the pandemics of the past century. However, lockdowns during the initial phase of the COVID-19 pandemic have had devastating effects. They have contributed to reducing economic activity, raising unemployment, reducing schooling, causing political unrest, contributing to domestic violence, and undermining liberal democracy. These costs to society must be compared to the benefits of lockdowns, which our meta-analysis has shown are marginal at best. Such a standard benefit-cost calculation leads to a strong conclusion: lockdowns should be rejected out of hand as a pandemic policy instrument.

Other experts are starting to speak up along similar lines. Dr. Vinay Prasad of UC–San Francisco speculates in a series of tweets that the Biden administration is obsessed with pushing mandates on the low-risk population perhaps because it has few tools to push mandates on the high-risk population — nursing-home patients — but feels the need to do something. Driven to use the tools they have, the Biden administration has been forcing boosters on younger and younger children, even though we know that (a) they are at little risk of severe disease and virtually no risk if already vaccinated, (b) there is little evidence the boosters help young people at all, and (c) FDA officials are resigning in protest.

 

Dr. Prasad’s insight is strongly supported by another new study from a team of researchers spanning disciplines and institutions from University of Washington to Harvard, Johns Hopkins, and Oxford. The authors of the new study, “The Unintended Consequences of COVID-19 Vaccine Policy: Why Mandates, Passports, and Segregated Lockdowns May Cause more Harm than Good,” warn that heavy-handed mandates are not scientifically based, raise basic ethical and human-rights concerns, and are eroding trust in both scientific and public-health authorities:

While COVID-19 vaccines have had a profound impact on decreasing global morbidity and mortality burdens, we argue that current population-wide mandatory vaccine policies are scientifically questionable, ethically problematic, and misguided. Such policies may lead to detrimental long-term impacts on uptake of future public health measures, including COVID-19 vaccines themselves as well as routine immunizations. Restricting people’s access to work, education, public transport, and social life based on COVID-19 vaccination status impinges on human rights, promotes stigma and social polarization, and adversely affects health and wellbeing. Mandating vaccination is one of the most powerful interventions in public health and should be used sparingly and carefully to uphold ethical norms and trust in scientific institutions.

It’s not just the mandates that are eroding trust in public institutions. On January 5, 2022, the State of California extended its indoor mask mandate through February 15. Violators face up to six months in jail.

That didn’t stop Los Angeles mayor Eric Garcetti, San Francisco mayor London Breed, and California governor Gavin Newsom from whooping it up with “Magic” Johnson at the NFC Championship game last weekend, in pictures that are still up on Twitter:

Needless to say, nobody was wearing a mask, despite the fact that Johnson is immunocompromised with HIV — a significant comorbidity of Covid-19. Mayor Garcetti later clarified that he was holding his breath.

As for the workers down below, they can keep holding their breath, too.

Gotta wonder what Australia is thinking and going to do next…

Meanwhile, Microsoft Details the Russian Hack of Ukraine

The Windows maker’s Threat Intelligence Center (MSTIC) is tracking the cluster under the moniker ACTINIUM (previously as DEV-0157), sticking to its tradition of identifying nation-state activities by chemical element names.

The Ukrainian government, in November 2021, publicly attributed Gamaredon to the Russian Federal Security Service (FSB) and connected its operations to the FSB Office of Russia in the Republic of Crimea and the city of Sevastopol. Details.

***

Gamaredon APT Improves Toolset to Target Ukraine Government, Military |  Threatpost source

The Gamaredon APT was first spotted in 2013 and in 2015, when researchers at LookingGlass shared the details of a cyber espionage operation tracked as Operation Armageddon, targeting other Ukrainian entities. Their “special attention” on Eastern European countries was also confirmed by CERT-UA, the Ukrainian Computer Emergency Response Team.

The discovered attack appears to be designed to lure military personnel: it leverages a legitimate document of the “State of the Armed Forces of Ukraine” dated back to the 2nd April 2019. Source

For this reason, Cybaze-Yoroi ZLAB team dissected this suspicious sample to confirm the possible link with Russian threat actors.

***

There are several outside government cyber experts that are reporting much the same as Microsoft as noted here.

Source: While Gamaredon has mainly targeted Ukrainian officials and organizations in the past, the group attempted an attack on January 19 that aimed to compromise a Western government “entity” in Ukraine, researchers at Palo Alto Networks’ Unit 42 organization reported Thursday. Gamaredon leadership includes five Russian Federal Security Service officers, the Security Service of Ukraine said previously.

Microsoft threat researchers released their own findings on Gamaredon in the blog post today, disclosing that the group has been actively involved in malicious cyber activity in Ukraine since October 2021.

While the hacker group has been dubbed “Gamaredon” by Unit 42, Microsoft refers to the group by the name “Actinium.”

“In the last six months, MSTIC has observed ACTINIUM targeting organizations in Ukraine spanning government, military, non-government organizations (NGO), judiciary, law enforcement, and non-profit, with the primary intent of exfiltrating sensitive information, maintaining access, and using acquired access to move laterally into related organizations,” the threat researchers said in the post. “MSTIC has observed ACTINIUM operating out of Crimea with objectives consistent with cyber espionage.”

Evading detection

Tactics used frequently by the group include spear-phishing emails with malicious macro attachments, resulting in deployment of remote templates, the researchers said. By causing a document to load a remote document template with malicious code—the macros—this “ensures that malicious content is only loaded when required (for example, when the user opens the document),” Microsoft said.

“This helps attackers to evade static detections, for example, by systems that scan attachments for malicious content,” the researchers said. “Having the malicious macro hosted remotely also allows an attacker to control when and how the malicious component is delivered, further evading detection by preventing automated systems from obtaining and analyzing the malicious component.”

The Microsoft researchers report that they’ve observed numerous email phishing lures used by Gamaredon, including those that impersonate legitimate organizations, “using benign attachments to establish trust and familiarity with the target.”

In terms of malware, Gamaredon uses a variety of different strains—the most “feature-rich” of which is Pterodo, according to Microsoft. The Pterodo malware family brings an “ability to evade detection and thwart analysis” through the use of a “dynamic Windows function hashing algorithm to map necessary API components, and an ‘on-demand’ scheme for decrypting needed data and freeing allocated heap space when used,” the researchers said.

Meanwhile, the PowerPunch malware used by the group is “an agile and evolving sequence of malicious code,” Microsoft said. Other malware families employed by Gamaredon include ObfuMerry, ObfuBerry, DilongTrash, DinoTrain, and DesertDown.

‘Very agile threat’

Gamaredon “quickly develops new obfuscated and lightweight capabilities to deploy more advanced malware later,” the Microsoft researchers said. “These are fast-moving targets with a high degree of variance.”

Payloads analyzed by the researchers show a major emphasis on obfuscated VBScript (Visual Basic Script), a Microsoft scripting language. “As an attack, this is not a novel approach, yet it continues to prove successful as antivirus solutions must consistently adapt to keep pace with a very agile threat,” the researchers said.

Unit 42 had reported Thursday that Gamaredon’s attempted attack against a western government organization in January involved a targeted phishing attempt.

Instead of emailing the malware downloader to their target, Gamaredon “leveraged a job search and employment service within Ukraine,” the Unit 42 researchers said. “In doing so, the actors searched for an active job posting, uploaded their downloader as a resume and submitted it through the job search platform to a Western government entity.”

Due to the “steps and precision delivery involved in this campaign, it appears this may have been a specific, deliberate attempt by Gamaredon to compromise this Western government organization,” Unit 42 said in its post.

Unit 42 has said it’s not identifying or further describing the western government entity that was targeted by Gamaredon.

No connection to ‘WhisperGate’ attacks

The attempted January 19 attack by Gamaredon came less than a week after more than 70 Ukrainian government websites were targeted with the new “WhisperGate” family of malware.

However, the threat actor responsible for those attacks appears to be separate from Gamaredon, the Microsoft researchers said in the post today. The Microsoft Threat Intelligence Center “has not found any indicators correlating these two actors or their operations,” the researchers said.

The U.S. Department of Homeland Security (DHS) last month suggested it’s possible that Russia might be eyeing a cyberattack against U.S. infrastructure, amid tensions between the countries over Ukraine.

Estimates suggest Russia has stationed more than 100,000 troops on the eastern border of Ukraine. On Wednesday, U.S. President Joe Biden approved sending an additional 3,000 U.S. troops to Eastern Europe.