Category Archives: Treasury

Democrats Version of Vetting, Ethics Violations and Terror

Posted on by

The Federalist Papers reports that Imran Awan, ringleader of the group that includes his brothers Abid and Jamal, has provided IT services since 2005 for Florida Democrat Rep. Debbie Wasserman Schultz, the former Democratic National Committee (DNC) chairwoman. The brothers are from Pakistan. The Daily Caller reports that Jamal handled IT for Rep. Joaquin Castro, a Texas Democrat who serves on both the intelligence and foreign affairs panels.

“As of 2/2, his employment with our office has been terminated,” Castro spokeswoman Erin Hatch told TheDCNF Friday.

Jamal also worked for Louisiana Democrat Rep. Cedric Richmond, who is on the Committee on Homeland Security.

Imran worked for Reps. Andre Carson, an Indiana Democrat, and Jackie Speier, a California Democrat. Both are members of the intelligence committee, and their spokesmen did not respond to TheDCNF’s requests for comment. Imran also worked for the House office of Wasserman Schultz.

Then-Rep. Tammy Duckworth, an Illinois Democrat, employed Abid for IT work in 2016. She was a member of House committees dealing with the armed services, oversight, and Benghazi. Duckworth was elected to the Senate in November, 2016. Abid has a prior criminal record and a bankruptcy.

Abid also worked for Rep. Lois Frankel, a Florida Democrat who is member of the foreign affairs committee. To actually see all the representatives that shared the salary expense or Imran Awan, go here. Sheesh, seems lots of democrats have some REAL explaining to do.

Imran Awan, a current staffer, earned an estimated salary of $165,130 as a Shared Employee through the most recent House pay period. This was 2.4 times greater than the median for a House staff.

Awan has been employed in Congress since at least Q3 ’09 (employment information is not available prior to ‘Q3 2009 for House staffers and ‘Q3 2011 for Senate staffers, so Awan’s actual start date may be earlier), and has also been a staffer for Rep. Jackie Speier (D-CA14) and Rep. Yvette Clarke (D-NY9).

*** There is a formal investigation by Congress.

Congressional Aides in Criminal Probe Owed Money to Hezbollah-Connected Fugitive

Congressional aides suspected of criminally misusing their access to House computer systems owed $100,000 to an Iraqi politician who is wanted by U.S. authorities and has been linked to Hezbollah, the Iranian-backed Middle Eastern terrorist outfit.

Imran Awan and four of his relatives were employed as information technology aides by dozens of House Democrats, including members of the intelligence, foreign affairs, and homeland security committees.

The aides’ administrator-level IT access was terminated earlier this month amid a criminal probe by U.S. Capitol Police of a suspected security breach, including an off-site server housing congressional data.
dcnf-logo

The Daily Caller News Foundation Investigative Group has reported that while working for Congress, the Pakistani brothers controlled a limited liability corporation called Cars International A, a car dealership with odd finances, which took—and was unable to repay—a $100,000 loan from Dr. Ali Al-Attar.

Philip Giraldi, a former CIA officer, wrote that Al-Attar “was observed in Beirut, Lebanon, conversing with a Hezbollah official” in 2012—shortly after the loan was made. Al-Attar has also been accused of helping provoke the 2003 U.S. invasion of Iraq as a leader of Iraqi dissidents opposed to Saddam Hussein.

After moving to the U.S., Al-Attar made his money practicing medicine in Maryland and Virginia and defrauding Medicare, Medicaid, and insurance companies by billing for nonexistent medical procedures. The FBI raided his offices in 2009 and the Department of Health and Human Services sued his business partner in 2011.

Al-Attar was indicted in March 2012 on separate tax fraud charges after the IRS and FBI found he used multiple bank accounts to hide income. He fled back to Iraq to avoid prison.

“He’s a fugitive. I am not aware of any extradition treaty with Iraq,” Marcia Murphy, spokesman for federal prosecutors in Maryland, told The Daily Caller News Foundation Tuesday. “If or when he returns to the U.S., the prosecution will continue.”

Brothers Imran, Abid, and Jamal Awan, as well as their wives Natalia Sova and Hina Alvi, were all on the congressional payroll.

Not long before the indictment, Pakistani-born Virginia resident Nasir Khattak, who co-owned Cars International A with Abid, still had access to some bank accounts holding Al-Attar’s assets.

Khattak was a realtor, and with Al-Attar’s permission, “acquired the money through adjustments to the accounts that he controlled as the realtor for Al-Attar,” court documents say.

Abid managed the car dealership’s daily operations, even though he was also employed full time running computers for representatives that have included Emanuel Cleaver of Missouri, Tammy Duckworth of Illinois, and Yvette Clarke of New York. But the car dealership was hemorrhaging money. Customers were often shown cars borrowed from a dealership next door.

“It was very bad record-keeping in Cars International … it is close to impossible to make any sense out of all the transactions that happened,” Khattak said in court documents.

The dealership’s finances interwove with the House’s. A car-dealing associate who was owed money by the brothers, Rao Abbas, was placed on the congressional payroll.

Khattak said Cars International A was a “family business” and by 2010 Imran was its primary manager instead of Abid.

Abid filed for personal bankruptcy in 2012 because the dealership was in his name, listing $1 million in liabilities. Bankruptcies are a major security red flag in background checks for employees in sensitive positions.

The loan from Al-Attar was never repaid, leading to a lawsuit over the dealership’s future. Al-Attar claimed the loan default meant the dealership became his, but refused to testify in person, giving power of attorney to someone else to give evidence on his behalf.

Khattak said in court documents that was because “Ali Al-Attar was out of the country as he was involved in politics and the formation of the Iraqi government.” Though he was fugitive, that was also true.

Giraldi, the former CIA officer, wrote in The American Conservative in 2013 that Al-Attar advised President George W. Bush’s key Iraq policy advisers that U.S. forces would be “greeted as liberators.”

“In late 2002 and early 2003, [then-Deputy Secretary of Defense Paul] Wolfowitz regularly met secretly with a group of Iraqi expatriates, consisting mostly of Shias but also including several Sunnis, who resided in the Washington area,” Giraldi wrote. “The Iraqis were headed by one Dr. Ali A. Al-Attar.”

Al-Attar’s prediction was wrong, and his qualifications for making it—supposedly based on what the D.C.-area Iraqis were hearing from relatives—were questionable because, although Al-Attar was born in Iraq, his parents were Iranian.

But the U.S.-backed regime change served Al-Attar well, as in 2003, he told The New York Times that “he was one of four people chosen by Gen. Jay Garner to re-establish the Iraq Ministry of Health, and that he expected to be called to Baghdad next week.”

That stay in Iraq apparently did not last long, as in 2009, his medical license was suspended by Maryland for separate instances of billing patients and insurance companies for unneeded services.

In November 2010, the Maryland State Board of Physicians brought still more charges of “unprofessional conduct in the practice of medicine and failure to cooperate in a lawful investigation.”

Al-Attar’s attorney said the board was a “Trojan horse” for the FBI. The board said Al-Attar’s “failure to cooperate with the board investigation was deliberate, longstanding, and defiant,” and in March 2012 revoked his license.

The Awan brothers worked for members including Andre Carson of Indiana, one of two Muslims in Congress, and a member of the ultra-sensitive intelligence committee.

ATF is an Agency with Rogue Operations on Cigarettes?

Posted on by

Primer: In deference to the ATF, it is known with historical cases that tobacco smuggling does fund terror, see document at end of post)

In 2013, Sixteen Palestinian men, some with ties to convicted terrorists, were indicted in a scheme of cigarette smuggling that spanned New York, Maryland, Delaware, Virginia and New Jersey states. Some of them had ties to known terrorist organizations. See the official case here.

A.T.F. Filled Secret Bank Account With Millions From Shadowy Cigarette Sales

Charlie Batten, a fifth-generation tobacco farmer and U.S. Tobacco Cooperative Inc. board member, at his farm in Four Oaks, N.C. The co-op negotiated a deal to buy a tobacco distribution company whose owners had secret ties to the Bureau of Alcohol, Tobacco, Firearms and Explosives. Jeremy M. Lange for The New York Times

NYT’s/WASHINGTON— Working from an office suite behind a Burger King in southern Virginia, operatives used a web of shadowy cigarette sales to funnel tens of millions of dollars into a secret bank account. They weren’t known smugglers, but rather agents from the Bureau of Alcohol, Tobacco, Firearms and Explosives.

The operation, not authorized under Justice Department rules, gave agents an off-the-books way to finance undercover investigations and pay informants without the usual cumbersome paperwork and close oversight, according to court records and people close to the operation.

The secret account is at the heart of a federal racketeering lawsuit brought by a collective of tobacco farmers who say they were swindled out of $24 million. A pair of A.T.F. informants received at least $1 million each from that sum, records show.

The scheme relied on phony shipments of snack food disguised as tobacco. The agents were experts: Their job was to catch cigarette smugglers, so they knew exactly how it was done.

Government records and interviews with people involved reveal an operation that existed on a murky frontier — between investigating smuggling and being complicit in it. After The New York Times began asking about the operation last summer, the Justice Department disclosed it to the department’s inspector general’s office, which is investigating. The inspector general “expressed serious concerns,” court records show.

The investigation and the looming racketeering trial will bring renewed scrutiny to the A.T.F., which has been buffeted in recent years by the botched gun-tracking operation known as Fast and Furious and its mismanagement of undercover investigations. Members of Congress, particularly Republicans, have heaped criticism on the agency for decades, and the National Rifle Association has lobbied to limit the agency’s authority and funding.

While government auditors have previously cited problems with A.T.F.’s tobacco investigations, this operation went beyond what was identified in that audit, released in 2013. The A.T.F. and the Justice Department declined to comment.

Documents in the racketeering lawsuit outline the A.T.F. operation. The tobacco cooperative is suing a former employee and a consultant who, according to court documents, both worked as A.T.F. informants. The informants have denied all wrongdoing.

Discarded cigarettes at a U.S. Tobacco manufacturing plant in Timberlake, N.C. The U.S. Tobacco co-op is made up of about 700 tobacco farmers who pool their crops and share the profits. Jeremy M. Lange for The New York Times

Part of their defense, records show, is that they acted on behalf of the government. In response, a judge recently added the United States government as a defendant.

Since last summer, The Times has fought to make all the documents public, but the Justice Department has argued successfully in court to keep them secret. Crucial details, however, have been revealed through poor redaction, documents that were filed publicly by mistake and the sheer difficulty of keeping so much a secret for so long.

Buying Into an Operation

In spring 2011, U.S. Tobacco Cooperative was looking to expand its distribution network. The co-op is made up of about 700 tobacco farmers — from Virginia to Florida — who pool their crops and share the profits. Based in Raleigh, N.C., the company is a major exporter to China and produces discount-brand cigarettes including Wildhorse, Traffic and 1839.

“These are really, really good people,” said Stuart D. Thompson, the cooperative’s chief executive. “Every year, they take all their chips. They put them on the table, and they hope they get them all back.”

They also had an existing secret relationship with the A.T.F., records show.

The two men have filed court documents acknowledging “participation in undercover law enforcement activities.” And a judge’s sealed order, which is publicly available online, revealed that the two men worked “on behalf of various government agencies, primarily the Bureau of Alcohol, Tobacco, Firearms and Explosives.”

Jason Carpenter and Christopher Small, who owned Big South Wholesale in Bristol, Va., have acknowledged participating in undercover law enforcement operations.

The basics of cigarette smuggling are simple. Each state sets its tobacco taxes. Buying cigarettes in low-tax states, like Virginia, and secretly selling them in higher-tax states, like New York, generates large profits. More complicated schemes have shipped cigarettes to Indian reservations, where they are not taxed, then rerouted them for sale on the black market.

A.T.F. agents try to disrupt these networks. Often that means working with informants to buy and sell tobacco on the black market, much the way agents pose as drug dealers to investigate cartels.

Because so much of the case remains sealed, Mr. Carpenter and Mr. Small are prohibited from answering questions about nearly every aspect of the case. “Everything we did that is being attacked now in litigation, we did in good faith,” they said in a statement.

Stuart D. Thompson, chief executive of U.S. Tobacco, on the manufacturing floor of the plant in Timberlake, N.C. Jeremy M. Lange for The New York Times

Exactly who at U.S. Tobacco knew about their A.T.F. ties and what they knew are a matter of dispute. But there were signs that Big South was not a simple tobacco distributor. Its assets included more than two dozen vehicles, including expensive S.U.V.s and a fleet of Mercedes, B.M.W., Audi, Lexus and Jaguar sports cars.

Early 2011 was a time of intense pressure inside the A.T.F. The agency was under fire from Congress over the Fast and Furious operation, in which agents allowed gun traffickers to buy weapons and ship them to Mexico, hoping the shipments could lead them to major weapons dealers. Justice Department auditors began scrutinizing how A.T.F. agents managed their tobacco smuggling investigations.

With that audit continuing, the A.T.F. issued new rules to tightly monitor undercover investigations. Soon after those rules went into effect, U.S. Tobacco completed its purchase of Big South for $5.5 million, a deal that gave Big South the authority to buy and sell cigarettes on behalf of the cooperative. Almost immediately, the farmers say, Mr. Carpenter and Mr. Small began defrauding them.

It worked like this: An export company working with the A.T.F. placed an order for cigarettes to be shipped internationally — thus not subject to American taxes. Big South would instead ship bottled water and potato chips, making it look as if cigarettes had been exported. Mr. Carpenter and Mr. Small would then buy the tobacco at a slight markup through a private bank account. Lastly, they would sell the tobacco to Big South, again at a markup.

“It’s what I saw with my own eyes,” said Brandon Moore, the warehouse manager and one of the people who discussed the transactions in the case. Their accounts fit with descriptions in court records.

Mr. Moore said he was aware of the A.T.F. operation but became troubled by it as he learned more. “It shouldn’t be going on, even if it is the A.T.F.,” he said.

In one deal described in the lawsuit, the informants bought tobacco at $15 a carton and sold it to U.S. Tobacco at $17.50. The profit, about $519,000, went into what was known as a “management account.” That account, while controlled by Mr. Carpenter and Mr. Small, helped pay for A.T.F. investigations.

Mr. Moore, the warehouse manager, said agents often told him what to buy on the company’s credit card. For instance, he recalled spending tens of thousands of dollars at Best Buy on iPads, televisions and other gifts to curry favor with potential criminal targets.

A testing room at U.S. Tobacco’s Timberlake facilities, where buyers can sample types of tobacco. Jeremy M. Lange for The New York Times

Mr. Carpenter and Mr. Small have also acknowledged in court documents receiving more than $1 million each, though it is not clear from public documents whether that was profit or reimbursement for expenses paid on behalf of the government.

How that arrangement began is unclear. Ryan Kaye, an A.T.F. supervisor, testified that the management account was created “as a result of verbal directives from the A.T.F. program office and other headquarters officials.” Mr. Kaye’s full statement is sealed, but excerpts are cited in one publicly available document.

The defendants in the lawsuit contend that U.S. Tobacco got a good deal on the cigarettes, even at the prices they paid. The farmers tell a different story, saying they never would have purchased Big South if they understood that Mr. Carpenter and Mr. Small had a side arrangement that involved selling them tobacco at inflated values.

The arrangement began to break down in late 2012, when Mr. Thompson joined U.S. Tobacco as the chief financial officer. He was curious why his warehouse was placing so many orders for a brand of cigarette that competes against U.S. Tobacco. He could not get a straight answer, the company said in court documents.

In March 2013, Mr. Moore picked up the phone, called Mr. Thompson and explained what was happening. “I did what I did because of the ethics of it,” Mr. Moore said recently. “What was happening there was wrong.”

Once U.S. Tobacco discovered the bookkeeping irregularities, it reported them to the Justice Department, which investigates white-collar crime and government misconduct. Records show that the Justice Department, which includes the A.T.F., investigated some aspects of the case but no charges were filed.

“We voted unanimously to give everything we had to the government,” said Charlie Batten, a U.S. Tobacco board member whose family has worked the same North Carolina soil for generations. “We thought they would take it and run with it. What happened was, they’ve fought us tooth and nail.”

Because of the sealing order, Mr. Thompson, Mr. Batten and others are prohibited from discussing what happened to the money — even with their own farmers.

Three years into its lawsuit, U.S. Tobacco still cannot disentangle itself from the government. The cooperative recently told a judge that it was under investigation by the Treasury Department.

All those secret tobacco sales, it turns out, should have been taxed. And the government wants its money.

****

House Homeland Security Committee: Tobacco and Terror: How Cigarette Smuggling is Funding our Enemies Abroa… by stoptobaccosmuggling on Scribd

California Secede from United States, Courtesy of Russia

Posted on by

The movement:

In our view, the United States of America represents so many things that conflict with Californian values, and our continued statehood means California will continue subsidizing the other states to our own detriment, and to the detriment of our children.

Although charity is part of our culture, when you consider that California’s infrastructure is falling apart, our public schools are ranked among the worst in the entire country, we have the highest number of homeless persons living without shelter and other basic necessities, poverty rates remain high, income inequality continues to expand, and we must often borrow money from the future to provide services for today, now is not the time for charity.

However, this independence referendum is about more than California subsidizing other states of this country. It is about the right to self-determination and the concept of voluntary association, both of which are supported by constitutional and international law.

It is about California taking its place in the world, standing as an equal among nations. We believe in two fundamental truths: (1) California exerts a positive influence on the rest of the world, and (2) California could do more good as an independent country than it is able to do as just a U.S. state.

In 2016, the United Kingdom voted to leave the international community with their “Brexit” vote. Our “Calexit” referendum is about California joining the international community. You have a big decision to make.

****

He’s the founder of a Californian independence movement. Just don’t ask him why he lives in Russia.

WaPo: Louis J. Marinelli is a man on a quixotic mission: to help California secede from the United States and become an independent country.

Image result for Louis J. Marinelli

Surprisingly, this quest has been going relatively well of late. Marinelli’s group, Yes California, is attempting to collect 585,000 signatures necessary to place a secessionist question on the 2018 ballot. Buoyed by California’s already tense relationship with President Trump, the campaign has received a large amount of press coverage and support over the past few months.

But for the 30-year-old Yes California president, there remains one annoying problem: People keep asking him why he lives in Russia.

In the wake of Yes California’s recently acquired momentum, a lot of people have taken note of Marinelli’s unusual home base. Numerous articles have appeared in the Californian media noting Marinelli’s choice of residence. On social media, discussions about Marinelli often take on a deeply conspiratorial tone.

“Hands off California, Putin,” a rival secessionist movement, the California National Party, tweeted in January. “We won’t take orders from your puppet Moscow Marinelli.”

Marinelli has perhaps compounded the issue by making numerous appearances on Russian state media (approximately once a week, by his own estimation), at times offering a political viewpoint that seems to line up neatly with the Kremlin’s. In late December, the Russian media gave widespread coverage to Marinelli as his group opened a “Californian Embassy” in Moscow.

Speaking via video chat from his home in Yekaterinburg earlier this month, Marinelli seemed exasperated when quizzed about his decision to live in Russia.

Image result for yekaterinburg russia

“And Barack Obama was born in Kenya, right?” he said incredulously.

“The fact that I’m an English teacher in Yekaterinburg doesn’t mean there’s some Russian government conspiracy or support for our campaign,” Marinelli said. “The fact that I studied Russian language courses at Saint Petersburg State University in 2007 or ’08 doesn’t mean that I know Vladimir Putin, who graduated from there in 1975.”

He offered an explanation for his circumstances that went into more detail than one posted in a FAQ section on the Yes California website. It presented a reasonable — though unusual — set of events that had resulted in him leading a Californian independence movement from half a world away.

It goes like this: Buffalo-born Marinelli moved to California in 2006. A year later, he upped sticks and went to Saint Petersburg State University to study Russian. He lived “on and off” in Russia between 2007 and 2011, during which time he met his wife, a Russian citizen. The pair moved back to San Diego, but Marinelli’s partner ran into problems with the U.S. immigration system.

“Her visa had expired and there was really no way for us to easily adjust her status,” Marinelli said. “If she had left the country, she’d be banned for 10 years, and so that wasn’t an option.”

Marinelli said they received a “glimmer of hope” last August that would allow his wife, who has been unable to leave the country until her legal status in the United States was secured, a chance to return home. She was desperate to visit her family, he said, so Marinelli found an apartment in Yekaterinburg and a job teaching English for a semester that provided him a visa. But then, according to his telling, “the immigration thing kind of fell through,” and his wife was unable to travel.

The end result was that Marinelli was obliged to go to Russia, he said, while his Russian wife was stuck in San Diego. “We’re still working on resolving the problem,” Marinelli said, adding that his wife was in the process of getting a green card. “Hopefully that goes well and we can end this chapter of our lives.”

It’s a strange situation — and not exactly how some of Marinelli’s partners in Yes California describe it (Marcus Ruiz Evans, the group’s vice president, told The Washington Post that Marinelli’s wife also lived in Russia).

But it is a plausible scenario.

Marinelli’s ties to Alexander Ionov are perhaps bigger conspiracy fodder. Ionov is the founder of the Anti-Globalization Movement of Russia, a group that supports various secessionist movements around the world. Last September, he put on a Kremlin-sponsored event in Moscow for Western secessionists that Marinelli and other representatives of Yes California attended.

Reached via email, Ionov said that about 30 percent of the funding for the event came from the Russian government. But he said none of that money was given to any U.S. groups, including Yes California. Marinelli also pushed back on the idea that this represents a link with the Russian government.

“We don’t have any communication with or contact with or receive any support of any kind from the Russian government or any Russian government officials,” Marinelli said.

“We’re not actively pursuing a dialogue with Vladimir Putin here in Russia even though I’m in Russia,” he added.

Would Putin want a dialogue? Some experts said that while Ionov and his group may have some limited ties to the Kremlin, they are ultimately small fry in Moscow.

Simon Saradzhyan, the founding director of the Russia Matters Project at Harvard’s Belfer Center for Science and International Affairs, said that the Russian government probably wasn’t taking the Yes California project very seriously, “if only because that chances that this movement can eventually win independence for that state are close to zero.” But Saradzhyan also noted that Russia could well be interested in getting revenge on Washington for what it saw as U.S. support for Chechen separatism in the 1990s.

Fiona Hill, a Russia expert with Brookings Institution, said in an email that historical Russian links to California added further intrigue to the situation.

“Russia had a major early-19th century colony in California and there has been quite a lot of interest in promoting this from circle’s close to the Kremlin,” Hill said, pointing to Kremlin-connected oligarch Viktor Vekselberg and his interest in Fort Ross, the former colony in what is now Sonoma County.

It sounds outlandish, but after an election in which Russian interference supposedly helped a former reality television star with no political experience gain entry to the White House — well, perhaps it doesn’t seem that outlandish. Marinelli didn’t sound like a fan of the way that election turned out. He repeatedly criticized Trump during his interview with WorldViews, noting how the U.S. president had threatened to defund California.

Marinelli also admitted that he voted for Trump — a tactical decision, he explained. “We need things that we can use to promote the cause, and I think Donald Trump is a daily advertisement for that cause,” he said, noting that his vote didn’t matter much in California, anyway.

When it comes to Marinelli’s thoughts on the other president in his life, Putin, he keeps his cards closer to his chest. He said he doesn’t have an emotional connection to Russia in the same way he does the United States, which is actually “a great thing” about living in Yekaterinburg.

Back home, he said, he was often frustrated by what he saw as America’s failings.

“I think every country has progress to make on some fronts. People say, for example, that Russia has progress to make when it comes to civil rights and human rights,” he said. “And the United States doesn’t? In Russia, police aren’t shooting people because of their skin color. There’s pros and cons.”

Read more:

‘California is a nation, not a state’: This movement wants a break from the U.S.

What did Google Know, When did The Know it?

Posted on by

Image result for google russian hacking Techviral

A Glimpse Into How Much Google Knows About Russian Government Hackers

A 2014 leaked private report from Google shows how much the internet giant knows about government hacking groups.

Motherboard: In October of 2014 an American security company revealed that a group of hackers affiliated with the Russian government, dubbed APT28, had targeted Georgia and other Eastern European countries in a wide-ranging espionage campaign. Two and a half years later, APT28—also known as “Fancy Bear” or “Sofacy”—is a household name not just in the cybersecurity industry, but in the mainstream too, thanks to its attack on the US Democratic party and the ensuing leaks of documents and emails.

Before that report by FireEye, APT28 was a well-kept secret within the cybersecurity industry. At the time, several companies were willing to share information about the hacking group. Even Google investigated the group, and penned a 40-page technical report on the hacking group that has never been published before.

This sort of document, which Motherboard obtained from two independent sources, may be a common sight in the threat intelligence industry, but the public rarely gets to see what such a report from Google looks like. The report draws from one of Google’s most interesting sources of data when it comes to malware and cybersecurity threats: VirusTotal, a public malware repository that the internet giant acquired in 2012.

Sofacy and X-Agent, the report read, referring to the malware used by APT28, “are used by a sophisticated state-sponsored group targeting primarily former Soviet republics, NATO members, and other Western European countries.”

“It looks like Google researchers were well aware of Sofacy before it was publicly disclosed.”

While Google security researchers don’t dwell into who’s really behind these operations, they do hint that they agree with the now widespread belief that APT28 works for the Russian government in a clever, indirect, way—in the very title of the report: “Peering into the Aquarium.”

While that might seem like an obscure title, for those who follow Russian espionage activities, it’s a clear reference to the headquarters of the military intelligence agency known as GRU or Glavnoye Razvedyvatel’noye Upravleniye, which are popularly known as “The Aquarium.”

“It looks like Google researchers were well aware of Sofacy before it was publicly disclosed,” Matt Suiche, a security researcher and the founder of Comae Technologies and the OPCDE  conference, told Motherboard in an online chat after reviewing the report. “And also attributed Sofacy and X-Agent to Russia before it was publicly done by FireEye, ESET or CrowdStrike.”

In its report Google security researcher note that APT28 attacks a large number of targets with its first-stage malware Sofacy, but only uses the more tailored and sophisticated X-Agent, which was recently used against Ukraine’s military units, for “high-priority targets.”

“Sofacy was three times more common than X-Agent in the wild, with over 600 distinct samples,” Google’s report stated.

Asked for comment, a Google spokesperson said via email that the company’s “security teams are constantly monitoring potential threats to internet users, and regularly publish information to better protect them.”

The report noted that Georgia had the highest ratio of submissions of Sofacy malware, followed by Romania, Russia and Denmark.

While this report is now a bit dated, it shows that for all its sophistication, APT28 has been often caught in the act of hacking politically interesting targets, betraying the origin of the hackers behind the dry nickname. It also reveals how much a company like Google, which doesn’t have software installed on thousands of customers computers like other antivirus and security vendors that is designed to specifically detect malware, can still learn a lot about government hacking groups thanks to the other data it has access to.

*** Related reading:

State-sponsored hackers targeting prominent journalists, Google warns

Politico: Google has warned a number of prominent journalists that state-sponsored hackers are attempting to steal their passwords and break into their inboxes, the journalists tell POLITICO.

Jonathan Chait of New York Magazine said he received several messages from Google warning him about an attack from a government-backed hacker starting shortly after the election. He said the most recent warning came two to three weeks ago.

Julia Ioffe, who recently started at The Atlantic and has covered Russia for years, said she got warnings as recently as two weeks ago. (See one of the warnings: http://bit.ly/2kMUyRb)

Some journalists getting the warnings say they suspect the hackers could be Russians looking to find incriminating emails they could leak to embarrass journalists, either by revealing alleged liberal bias or to expose the sausage-making of D.C. journalism.

“The fact that all this started right after the election suggests to me that journalists are the next wave to be targeted by state-sponsored hackers in the way that Democrats were during it,” said one journalist who got the warning. “I worry that the outcome is going to be the same: Someone, somewhere, is going to get hacked, and then the contents of their gmail will be weaponized against them — and by extension all media.”

The Russian embassy did not respond to a request for comment.

Image result for russian embassy washington dc Russian embassy Washington DC

Google cautioned that the warnings did not mean the accounts had been compromised already and were sent due to “an abundance of caution.”

“Since 2012, we’ve notified users when we believe their Google accounts are being targeted by government-backed attackers,” said a Google spokesperson in a statement. “We send these warnings out of an abundance of caution — they do not indicate that a user’s account has already been compromised or that a more widespread attack is occurring when they receive the notice.”

Ezra Klein, the founder of Vox, said he had received the warning as recently as a few days back. CNN senior media reporter Brian Stelter said he has been getting the alerts for the past few months.

Other journalists who confirmed they’ve recently gotten the warnings include New York Times national security correspondent David Sanger, Times columnist Paul Krugman and Yahoo Washington bureau chief Garance Franke-Ruta.

GQ special contributor Keith Olbermann said the warnings started a few weeks after the election, and he received the most recent alert earlier this week, a “big bright red bar” across the top of his Gmail. Some of the reporters say they are tightening up their email security to try to prevent the hackers from getting in.

Chait also said he was “contacted over email by a stranger who offered to help me by giving me an encryption key to protect me from hackers. He would not give me his name, meet me or talk on the phone, despite repeated requests.”

The stranger also emailed The Atlantic’s David Frum, James Fallows and Adam Serwer, Andrew Sullivan and Ars Technica’s Dan Goodin.

Stanford professor Michael McFaul, the former U.S. ambassador to Russia, said he also received hacking warnings from Google. He added: “Given my background, one would have to guess that it’s the Russians.”

Iran Buying War Torn Syria Real Estate, Pipelines Abound

Posted on by

Damascus, Syria is known as the city of Jasmine. It is rich in religious history including Christians, Jews and Muslims. If there is any question about how Iran is advancing their power in the region to include Syria and eventually erasing history, then read on.

Now?  AFP

BEIRUT: Syrian government forces fired rockets at a rebel-held area on Damascus’s outskirts on Sunday, pressing an attack that began the day before and has killed up to 16 people, a medical worker and war monitors said.
The medical worker and the Syrian Observatory for Human Rights said it was the biggest attack on the Qaboun area, to the city’s northeast, in at least two years.
At least three shells hit government-held areas closer to the center of Damascus and near Qaboun on Sunday, but there were no reports of casualties, a Hezbollah-run military media unit and a Reuters witness said.
On Saturday, a government sniper killed one person in the area and rockets hit a cemetery on Qaboun’s outskirts, the medical worker, who asked not to be named, told Reuters.
The British-based Observatory also reported attacks on a cemetery.
Reuters could not independently verify the accounts.
There was no immediate government comment on the Damascus fighting.
The Observatory said 16 people had died in the violence around Qaboun since Saturday, the highest death toll from fighting there for more than two years.
The medical worker in nearby Eastern Ghouta, just outside Damascus, said at least 13 people had died. He said he could hear explosions coming from Qaboun early on Sunday.
Violence in western Syria has increasingly tarnished a shaky cease-fire which took effect on Dec. 30, backed by Damascus ally Russia and Turkey, which supports rebels.

*** Related image

The Syrian Commission for Media has issued a report regarding purchases and long-term renting carried out by figures with close ties to the Syrian regime, including Abdullah Nazzam, Iran’s man in Syria. Real estate offices in Damascus have confirmed Nazzam’s unprecedented activity in buying property in capital.

Reports from Damascus and Tehran said that Iran’s men have expanded their purchase activities to include a number of properties in the capital since last June.

The activities of pro-regime businessmen in the purchase of real estate were largely limited to areas of eastern Damascus, namely the Old City, but after June, Abdullah Nazzam expanded his sights on the entire capital.

In addition, the Iranians have also increased their purchasing activities in Eastern Ghouta, largely in Maliha, which is owned by the state, making it easier for the Iranians to circumvent local Syrian laws, especially after the decline of Eastern Ghouta’s battalions after fierce fighting rocked the region last year.

Syrian opposition sources confirmed earlier that many hotels – including Caldah, Iwan, Asia, Damascus International, Venice and Petra – are now owned by the Iranian Embassy in Damascus, ​​in addition to holding shares in the Samiramis Hotel. The Iranian Embassy also sought to buy huge portions of real estate in the Old City of Damascus, specifically in the area extending from behind the Umayyad Mosque to the Bab Touma area, and in the western region of al-Maryamiyah neighborhood.

Image result for iran buying real estate in syria VOA

*** Iranians Buying Up Land in War-Torn Syria

New buildings are seen in Damascus, Syria, in this file photo. Iranians are investing in and providing labor for some of the construction in the war-torn country. AFP PHOTO/ LOUAI BESHARA

New buildings are seen in Damascus, Syria, in this file photo. Iranians are investing in and providing labor for some of the construction in the war-torn country. AFP PHOTO/ LOUAI BESHARA

VOA: Iran’s government wants its builders to buy up property in Shi-ite majority neighborhoods of Syria’s capital, Damascus.

It is also asking construction workers to go to Syria.

This information comes from construction industry officials in Tehran and Iranian experts.

Iranian analyst Fariborz Saremi said owning real estate gives Iran more control over Syria and other parts of the Middle East.

Rich and conservative Iranian business people with ties to the government are buying expensive homes in Damascus, according to news reports. This is influencing price increases in Syria’s real estate markets.

“Five million houses have been destroyed in the civil war,” said Syrian economist Khorshid Alika told Voice of America. “The increased Iranian demand to buy land and properties has naturally led to more inflation in the market.”

Iran’s interest in Syrian real estate is not new. But it increased after the rebel uprising began in 2011.

Government-run media have been reporting recently about how Iran joined Russia to support Syrian President Bashar al-Assad. Assad’s government has been fighting against rebels and the Islamic State terror group.

Iran is not only asking people to buy homes and property in Syria. The country is also asking construction workers and contractors to take jobs there.

One contractor said a fellow contractor with close ties to the Iranian government told him he had a chance to make money in Damascus.

“When we asked about the security, he said that the zone is even more secure than Tehran,” Iranian contractor Amir Maghsoudloo told VOA.

Iran is home to about 3 million people from Afghanistan. Many fled the war-torn country. Most earn low wages in Iran. They are being offered better paying construction jobs in Syria.

Some Damascus construction projects are run by Afghan nationals from Iran, said Tahi Esmali. He is an Afghan national who works as a bricklayer. He had worked in Iran before moving to Syria in 2015.

Iranian interests are not limited to Damascus. Iranian business people and companies are looking to invest in projects in the central Syrian city of Homs. The Syrian military and its Lebanese Hezbollah allies recaptured Homs in late 2015.

The Iranian government has supported Syrian President Assad. Recent reports in state-run media say that Iran increased the size of its Revolutionary Guard Corps in Syria.

*** What more is causing all the interest in Syria by Iran and Russia? Well there are other countries with interests as well….pipelines.

As noted in late 2015: The Syrian Civil War stems from a disagreement between the Saudis and Russia over the route for a new gas pipeline ducting Gulf gas to the lucrative European markets. Russia, whose only Mediterranean base is located in Tartus, Syria, supports Assad’s initiative of a gas pipeline from Iran through Iraq and Syria (the Iran-Iraq-Syria pipeline). But Saudi Arabia’s hardline Sunni Muslims wants to overthrow Syria’s Assad, who is a Shia Muslim, for religious reasons. They want to run a 100 per cent Sunni-controlled pipeline from Qatar through Syria and Turkey (the Qatar-Turkey pipeline), into Europe. As a result of this disagreement a proxy war is taking place in Syria between the aforementioned powers. Meanwhile displaced Syrian refugees are flooding into Europe with jihadis in their midst.

Map of proposed Iran-Iraq-Syria pipeline and Qatar-Turkey pipeline

Originally, Europeans were strongly in favor of deposing Assad for so-called “humanitarian reasons”. Their humanitarian concerns for Assad’s repressive regime veil the truth – Europe resents depending on Russia for 40 per cent of its gas. Russian President Putin annexed Crimea and maintained a belligerent stance, pushing Europe to favor the pipeline proposal of Qatar and Saudi Arabia. The Saudi plan to duct natural gas all the way to Europe through Syria and Turkey came with a catch – Assad would have to be toppled. The US supported the initiative as Russia’s only Mediterranean naval base would disappear with Assad. Thus, the Western world had itself a new plan that would bring peace and prosperity to the region. That is after the “initial shakeout” necessary to oust Assad.

The “initial shakeout” didn’t go as planned. Russia-backed Assad proved far more resilient than anticipated. But more importantly, western-backed Islamic militias committed such barbaric acts of terror they even made Assad, and Russia, look good in comparison. An emboldened ISIS gradually took over several of the region’s oil fields to fund its operations to the tune of $50 million per month by smuggling oil into Turkey. The routes and means were well established during the previous oil embargo on Iraq and so are the financial networks that profit from it in Turkey. Today, crude oil illegally smuggled by ISIS into Turkey accounts for a fairly significant 3.5 per cent of Turkey’s total oil imports. More here.