Category Archives: Whistleblower

N Korea uses Stolen Cryptocurrency to Fund its Missile Program

Posted on by

Sanctions kinda work and kinda don’t work…seems in the case of North Korea..they have failed.

In 2017, North Korea tested several missiles demonstrating what seemed to be rapid advances in its military technology.

The Hwasong-12 was thought to be able to reach as far as 4,500km (2,800 miles), putting US military bases on the Pacific island of Guam well within striking distance.  source

The Academy of National Defense Science conducts long-range cruise missile tests in North Korea, as pictured in this combination of undated photos supplied by North Korea's Korean Central News Agency (KCNA) on 13 September 2021

Later, the Hwasong-14 demonstrated even greater potential, with a range of 8,000km although some studies suggested it could travel as far as 10,000km if fired on a maximum trajectory.

This would have given Pyongyang its first truly intercontinental ballistic missile, capable of reaching New York.

Eventually, the Hwasong-15 was tested, peaking at an estimated altitude of 4,500km – 10 times higher than the International Space Station.

If fired on a more conventional “flatter” trajectory, the missile could have a maximum range of some 13,000km, putting all of the continental US in range.

North Korea continued to develop its nuclear and ballistic missile programs during the past year and cyberattacks on cryptocurrency exchanges were an important revenue source for Pyongyang, according to an excerpt of a confidential United Nations report seen on Saturday by Reuters.

The annual report by independent sanctions monitors was submitted on Friday evening to the U.N. Security Council North Korea sanctions committee.

“Although no nuclear tests or launches of ICBMs (intercontinental ballistic missiles) were reported, DPRK continued to develop its capability for production of nuclear fissile materials,” the experts wrote.

North Korea is formally known as the Democratic People’s Republic of Korea (DPRK). It has long-been banned from conducting nuclear tests and ballistic missile launches by the U.N. Security Council. Since 2006, North Korea has been subject to U.N. sanctions, which the Security Council has strengthened over the years in an effort to target funding for Pyongyang’s nuclear and ballistic missile programs.

The sanctions monitors noted that there had been a “marked acceleration” of missile testing by Pyongyang.

The United States and others said on Friday that North Korea had carried out nine ballistic missile launches in January, adding it was the largest number in a single month in the history of the country’s weapons of mass destruction and missile programs.

CYBERATTACKS, ILLICIT TRADE

The monitors said “cyberattacks, particularly on cryptocurrency assets, remain an important revenue source” for North Korea and that they had received information that North Korean hackers continued to target financial institutions, cryptocurrency firms and exchanges.

“According to a member state, DPRK cyberactors stole more than $50 million between 2020 and mid-2021 from at least three cryptocurrency exchanges in North America, Europe and Asia,” the report said.

The monitors also cited a report last month by cybersecurity firm Chainalysis that said North Korea launched at least seven attacks on cryptocurrency platforms that extracted nearly $400 million worth of digital assets last year.

In 2019, the U.N. sanctions monitors reported that North Korea had generated an estimated $2 billion for its weapons of mass destruction programs using widespread and increasingly sophisticated cyberattacks.

The latest report said North Korea’s strict blockade in response to the COVID-19 pandemic meant “illicit trade, including in luxury goods, has largely ceased.”

Over the years the U.N. Security Council has banned North Korean exports including coal, iron, lead, textiles and seafood, and capped imports of crude oil and refined petroleum products.

“Although maritime exports from DPRK of coal increased in the second half of 2021, they were still at relatively low levels,” the monitors said.

“The quantity of illicit imports of refined petroleum increased sharply in the same period, but at a much lower level than in previous years,” the report said. “Direct delivery by non-DPRK tankers to DPRK has ceased, probably in response to COVID-19 measures: instead, only DPRK tankers delivered oil.”

North Korea’s humanitarian situation “continues to worsen,” the report said. The monitors said that was probably due to the COVID-19 blockade, but that a lack of information from North Korea meant it was difficult to determine how much U.N. sanctions were unintentionally harming civilians.

***

Military equipment is seen during a military parade to commemorate the 8th Congress of the Workers' Party in Pyongyang, North Korea January 14, 2021 in this photo supplied by North Korea"s Central News Agency (KCNA).  Missiles on display at a January 2021 military parade

“From 2020 to 2021, the number of North Korean-linked hacks jumped from four to seven, and the value extracted from these hacks grew by 40%,” Chainalysis said in a report.

The hackers used a number of techniques, including phishing lures, code exploits and malware to siphon funds from the organisations’ “hot” wallets and then moved them into North Korea-controlled addresses, the company said.

Chainalysis said it is likely that many of last year’s attacks were conducted by the so-called Lazarus Group, a hacking group which the US has applied sanctions against.

The group is believed to be controlled by North Korea’s primary intelligence bureau, the Reconnaissance General Bureau.

The Lazarus Group has previously been accused of involvement in the “WannaCry” ransomware attacks, the hacking of international banks and customer accounts and cyber-attacks on Sony Pictures in 2014.

“Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out,” the report on last year’s cyber attacks added.

A United Nations panel that monitors sanctions on North Korea has accused Pyongyang of using stolen funds to support its nuclear and ballistic missile programmes as a way to avoid international sanctions.

Separately, in February last year, the US charged three North Korean computer programmers with a massive hacking spree aimed at stealing more than $1.3bn in money and cryptocurrency. BBC

SCOTUS frontrunner Ketanji Brown Jackson was an Advocate for Terror Suspects Housed at Gitmo

Posted on by

Supreme Court frontrunner Judge Ketanji Brown Jackson was an active and dedicated advocate for terror suspects housed at Guantanamo Bay, contrary to press accounts and her own representations.

woman speaking at microphone while gesturing with left hand Judge Ketanji Brown Jackson speaks in February 2020 while being honored at the University of Chicago Law School’s Parsons Dinner. (Lloyd DeGrane via Wikimedia Commons)

Jackson has portrayed her work for the detainees as that of a disinterested professional fulfilling an assignment. But a Washington Free Beacon review of court filings dating back to 2005 indicates that Jackson was deeply committed to equal treatment for accused terrorists. Her advocacy was zealous and often resembled ideological cause lawyering, even in her capacity as a public defender. At times, she flirted with unsubstantiated left-wing theories that were debunked by government investigators. On other occasions, she accused Justice Department lawyers of egregious misconduct with little evidence.

As a federal public defender, Jackson represented a Guantanamo detainee accused of attacking a U.S. military base in Afghanistan. She continued to advocate on behalf of detainees and attack Bush-era detention policies in the Supreme Court after she left public service for private practice.

President Joe Biden’s approval numbers tumbled after the chaotic withdrawal from Afghanistan last summer. A retread of the War on Terror could be unwelcome for the administration, especially as new developments reveal the extent of the government’s ineptness. Leaked Situation Room documents released by Axios Wednesday show that top administration officials were scrambling to plan a mass evacuation of civilians as late as Aug. 14, the day before Taliban forces reached Kabul. The White House did not respond to the Free Beacon‘s request for comment.

Jackson’s public defender unit was charged with representing Guantanamo inmates who challenged their incarceration in a federal court in Washington, D.C. Jackson’s client was a detainee named Khiali-Gul, who maintained that he was an innocent man wrongfully detained.

“I had a job in Mr. Karzai’s government and I have done personal favors for the Americans and helped them,” Gul said in a 2005 court filing.

U.S. investigators reached quite different conclusions about Gul. A 2008 Defense Department assessment states that Gul was a Taliban intelligence officer and the likely leader of a terror cell near the city of Khost. The cell met at his home on Dec. 1, 2002, to plan a rocket attack on a coalition forward-operating base, which took place just hours after the gathering. A separate Defense assessment flagged a possible meeting with Osama bin Laden in November 2001.

In written exchanges with Republican lawmakers ahead of her confirmation to an appeals court last year, Jackson emphasized that she represented Gul in her capacity as a government lawyer duty-bound to advocate for all indigent defendants. She implied but did not say she did so under orders. The Washington Post presented the facts along those lines in a Jan. 27 story about her prospective nomination.

But filings Jackson submitted for Gul were hardly perfunctory. In 2005 she filed a petition on Gul’s behalf that went well beyond the particulars of his case to broadly assail Bush administration War on Terror policies. For example, she accused the government of pioneering torture tactics used at the Abu Ghraib prison in Iraq on Guantanamo inmates.

“Many of the most egregious interrogation techniques used in the Abu Ghraib detention center and other detention facilities in Iraq—such as the use of aggressive dogs to intimidate detainees, sexual humiliation, stress positions, and sensory deprivation—were pioneered at Guantanamo,” she wrote, by way of arguing her client was subject to inhumane confinement conditions.

Such allegations were common among Democratic lawmakers and left-wing advocacy groups. But a 2005 report of the Pentagon inspector general, much of which remains classified, rejects that assessment. Testifying before the Senate Armed Services Committee in 2005, Vice Admiral Albert Church rejected any such Abu Ghraib-Gitmo nexus.

Jackson also criticized the “extraordinary rendition” program, through which detainees were secretly transferred to countries where prolonged detention and torture could be practiced. Gul was never subject to the program, making the criticisms afield of the dispute. He was ultimately repatriated to his native Afghanistan.

Later in the course of Gul’s case, Jackson would accuse government lawyers of serious ethical breaches. In 2006, she asked the judge who presided over Gul’s case to sanction Justice Department lawyers over the government’s response to a rash of detainee suicides. Sanctions are reserved for serious misconduct and are always embarrassing to those involved. Penalties range from remedial classes to suspension or disbarment in the relevant court.

Three Guantanamo detainees committed suicide on June 10, 2006, by hanging themselves in their cells. Rear Admiral Harry Harris, who then commanded at Guantanamo, called the incident a coordinated protest act. The suicides followed a May uprising in which inmates attacked guards with fan blades and broken light fixtures, as well as revelations that some inmates were hoarding prescription medications.

The Defense Department on Dec. 20, 2014, announced Gul’s repatriation to Afghanistan under an executive order from then-president Barack Obama that required the intelligence community to determine whether Guantanamo detainees should be released, transferred, or prosecuted. The 2008 assessment predicted he would resume his extremist activities without close supervision.

The Free Beacon was unable to determine whether Gul reenlisted with the Taliban ahead of the terrorist group’s rapid conquest of Afghanistan in 2021. Other Guantanamo prisoners did so. Ex-detainee Gholam Ruhani maintained that he was “a simple shopkeeper who helped Americans” in court papers while fighting his five-year detention at the naval base. He was among the commandos who last August stormed the presidential palace, and he appeared on camera in former Afghan president Ashraf Ghani’s office cradling a machine gun and reciting the Quran.

Free Beacon has more details here.

Another source here has a very detailed resume.

Simply put, she is trouble and if nominated, you can bet the confirmation hearing will be wild.

Meanwhile, Microsoft Details the Russian Hack of Ukraine

Posted on by

The Windows maker’s Threat Intelligence Center (MSTIC) is tracking the cluster under the moniker ACTINIUM (previously as DEV-0157), sticking to its tradition of identifying nation-state activities by chemical element names.

The Ukrainian government, in November 2021, publicly attributed Gamaredon to the Russian Federal Security Service (FSB) and connected its operations to the FSB Office of Russia in the Republic of Crimea and the city of Sevastopol. Details.

***

Gamaredon APT Improves Toolset to Target Ukraine Government, Military | Threatpost source

The Gamaredon APT was first spotted in 2013 and in 2015, when researchers at LookingGlass shared the details of a cyber espionage operation tracked as Operation Armageddon, targeting other Ukrainian entities. Their “special attention” on Eastern European countries was also confirmed by CERT-UA, the Ukrainian Computer Emergency Response Team.

The discovered attack appears to be designed to lure military personnel: it  leverage a legit document of the “State of the Armed Forces of Ukraine” dated back in the 2nd April 2019. Source

For this reason, Cybaze-Yoroi ZLAB team dissected this suspicious sample to confirm the possible link with Russian threat actors.

***

There are several outside government cyber experts that are reporting much the same as Microsoft as noted here.

Source: While Gamaredon has mainly targeted Ukrainian officials and organizations in the past, the group attempted an attack on January 19 that aimed to compromise a Western government “entity” in Ukraine, researchers at Palo Alto Networks’ Unit 42 organization reported Thursday. Gamaredon leadership includes five Russian Federal Security Service officers, the Security Service of Ukraine said previously.

Microsoft threat researchers released their own findings on Gamaredon in the blog post today, disclosing that the group has been actively involved in malicious cyber activity in Ukraine since October 2021.

While the hacker group has been dubbed “Gamaredon” by Unit 42, Microsoft refers to the group by the name “Actinium.”

“In the last six months, MSTIC has observed ACTINIUM targeting organizations in Ukraine spanning government, military, non-government organizations (NGO), judiciary, law enforcement, and non-profit, with the primary intent of exfiltrating sensitive information, maintaining access, and using acquired access to move laterally into related organizations,” the threat researchers said in the post. “MSTIC has observed ACTINIUM operating out of Crimea with objectives consistent with cyber espionage.”

Evading detection

Tactics used frequently by the group include spear-phishing emails with malicious macro attachments, resulting in deployment of remote templates, the researchers said. By causing a document to load a remote document template with malicious code—the macros—this “ensures that malicious content is only loaded when required (for example, when the user opens the document),” Microsoft said.

“This helps attackers to evade static detections, for example, by systems that scan attachments for malicious content,” the researchers said. “Having the malicious macro hosted remotely also allows an attacker to control when and how the malicious component is delivered, further evading detection by preventing automated systems from obtaining and analyzing the malicious component.”

The Microsoft researchers report that they’ve observed numerous email phishing lures used by Gamaredon, including those that impersonate legitimate organizations, “using benign attachments to establish trust and familiarity with the target.”

In terms of malware, Gamaredon uses a variety of different strains—the most “feature-rich” of which is Pterodo, according to Microsoft. The Pterodo malware family brings an “ability to evade detection and thwart analysis” through the use of a “dynamic Windows function hashing algorithm to map necessary API components, and an ‘on-demand’ scheme for decrypting needed data and freeing allocated heap space when used,” the researchers said.

Meanwhile, the PowerPunch malware used by the group is “an agile and evolving sequence of malicious code,” Microsoft said. Other malware families employed by Gamaredon include ObfuMerry, ObfuBerry, DilongTrash, DinoTrain, and DesertDown.

‘Very agile threat’

Gamaredon “quickly develops new obfuscated and lightweight capabilities to deploy more advanced malware later,” the Microsoft researchers said. “These are fast-moving targets with a high degree of variance.”

Payloads analyzed by the researchers show a major emphasis on obfuscated VBScript (Visual Basic Script), a Microsoft scripting language. “As an attack, this is not a novel approach, yet it continues to prove successful as antivirus solutions must consistently adapt to keep pace with a very agile threat,” the researchers said.

Unit 42 had reported Thursday that Gamaredon’s attempted attack against a western government organization in January involved a targeted phishing attempt.

Instead of emailing the malware downloader to their target, Gamaredon “leveraged a job search and employment service within Ukraine,” the Unit 42 researchers said. “In doing so, the actors searched for an active job posting, uploaded their downloader as a resume and submitted it through the job search platform to a Western government entity.”

Due to the “steps and precision delivery involved in this campaign, it appears this may have been a specific, deliberate attempt by Gamaredon to compromise this Western government organization,” Unit 42 said in its post.

Unit 42 has said it’s not identifying or further describing the western government entity that was targeted by Gamaredon.

No connection to ‘WhisperGate’ attacks

The attempted January 19 attack by Gamaredon came less than a week after more than 70 Ukrainian government websites were targeted with the new “WhisperGate” family of malware.

However, the threat actor responsible for those attacks appears to be separate from Gamaredon, the Microsoft researchers said in the post today. The Microsoft Threat Intelligence Center “has not found any indicators correlating these two actors or their operations,” the researchers said.

The U.S. Department of Homeland Security (DHS) last month suggested it’s possible that Russia might be eyeing a cyberattack against U.S. infrastructure, amid tensions between the countries over Ukraine.

Estimates suggest Russia has stationed more than 100,000 troops on the eastern border of Ukraine. On Wednesday, U.S. President Joe Biden approved sending an additional 3,000 U.S. troops to Eastern Europe.

 

Could it be that Europe has more Guts in Suing Google than the U.S.?

Posted on by

Shame on our Congress but more…shame on the Justice Department for dragging it’s feet when it comes to anti-trust cases against big tech, especially Google.

Google is big…really big but perhaps $2.4 billion will get their attention…and that is just Europe. But then again, maybe not as Google just announced the following:

Google has completed the latest phase of construction at its data center in Council Bluffs, Iowa, bringing its total investment in its Iowa campus to $5 billion.

Google Has Invested $5 Billion in its Iowa Data Centers

A herd of deer outside the equipment yard of the Google data center campus in Council Bluffs, Iowa. (Photo: Google)

The investment milestone by Google is the latest data point on the extraordinary growth of the data center industry in Iowa, which is also home to Meta’s largest cloud campus and a massive build-out by Microsoft in West Des Moines. The Iowa cloud cluster shows the prominent role of the Midwest in cloud geography, providing a data distribution hub in the center of the United States.

***

Google-owner Alphabet faces a massive lawsuit in Europe.

It’s being sued by price-comparison firm PriceRunner for around $2.4 billion.

The Swedish company alleges the tech giant manipulated search results.

PriceRunner wants Google to pay compensation for profits it claims it has lost in the UK since 2008; and Sweden and Denmark since 2013.

A Google spokesperson said the company would defend the lawsuit in court.

It claimed changes made to shopping ads five years ago have worked successfully.

It also said PriceRunner chose not to use shopping ads on Google, so may not have seen the same successes as others.

But PriceRunner said it was ready to fight for years, with financing in place and steps prepared in the event it does not win.

In November Google lost an appeal against a fine of over $2.7 billion imposed by the European Commission in 2017.

It found that the search giant used its own price comparison shopping service to gain an unfair advantage over smaller European rivals.

The seven-year investigation came about due to complaints that Google distorted internet search results in favour of its own shopping service.

PriceRunner is currently in the process of being bought by payments firm Klarna.

***

Pricerunner sues Google for SEK 22 billion - Gamingsym

Source: PriceRunner said Monday that it plans to take Google to court in Stockholm. It’s seeking compensation for damages in relation to a 2017 ruling from the European Commission that Google breached antitrust laws by giving preference to its own shopping comparison product, Google Shopping, through its popular search engine.

After a seven-year investigation into the practices, the EU executive body dealt Google a historic $2.7 billion fine. Google appealed the penalty, but in November 2021, the decision was upheld by the EU’s General Court. The verdict can still be appealed and taken to the EU’s highest court.

PriceRunner CEO Mikael Lindahl said the company launched its lawsuit following “extensive and thorough preparations.”

“We are of course seeking compensation for the damage Google has caused us during many years, but are also seeing this lawsuit as a fight for consumers who have suffered tremendously from Google’s infringement of the competition law for the past fourteen years and still today,” Lindahl said in a statement.

A Google spokesperson said the company looks forward to defending its case in court. The company made a number of changes in 2017 aimed at addressing the commission’s concerns.

“The changes we made to shopping ads back in 2017 are working successfully, generating growth and jobs for hundreds of comparison shopping services who operate more than 800 websites across Europe,” the spokesperson said in an emailed statement.

“The system is subject to intensive monitoring by the EU Commission and two sets of outside experts. PriceRunner chose not to use shopping ads on Google, so may not have seen the same successes that others have.”

PriceRunner alleges Google has not complied with the commission’s ruling and is still abusing its dominant position among internet search engines. It expects the final damages to be “significantly higher” than the interim sum of 2.1 billion euros.

The company, which in November agreed to be taken over by Swedish fintech firm Klarna, wants Google to pay compensation for profits it lost in the U.K. since 2008, and in Sweden and Denmark from 2013 onward.

Klarna spokeswoman Aoife Houlihan said the company was “aware and supportive of this suit.”

“It is fundamental that all tech companies no matter where they operate, compete on the basis of their own merit with the best product and service and then gain consumers’ trust,” Houlihan told CNBC.

“European consumers have been denied real choice in shopping services for many years and this is one step to ensuring this ends now.”

PriceRunner says it’s the largest independent price comparison service in the Nordic region, with over 3.7 million products to select from 22,500 stores across 25 different countries.

U.S. Govt Spent Over $2.3 Million Injecting Puppies With Cocaine

Posted on by

The experiment, revealed through a Freedom of Information Act (FOIA) request filed by the White Coat Waste Project, follows previously unearthed studies funded by National Institute of Allergy and Infectious Disease Director Anthony Fauci that “debarked” beagle puppies.

Seven six-month-old Beagle puppies were forced to wear a drug-injecting jacket that allowed them to be dosed with cocaine again and again and again for months, along with an ‘experimental compound,’ to see how the two drugs interacted.

The year-long experiment, which began in September 2020, was filmed so research could evaluate the puppies’ adverse reactions” to the drugs. Prior to the drugs being administered, the puppies were forced to undergo surgery, where they were implanted with a “telemetry unit” to monitor their vital signs throughout the experiment.

  The study was funded by the National Institutes of Health’s (NIH) Institute on Drug Abuse and costed taxpayers of $2.3 million. More here.

But hold on…Dr. Fauci…Frankenstein was up to more disgusting funding….

The National Institutes of Health (NIH) is funding $27 million in studies marked for use of fetal tissue, according to a new analysis.

The White Coat Waste Project (WCW), which opposes animal experimentation, looked through NIH data to uncover the scope of funding, which includes support for things like transplanting fetal lungs, liver and thymus into mice.

The majority of the reported funding – 79.6% – comes from the National Institute of Allergy and Infectious Diseases (NIAID), which is run by White House Chief Medical Adviser Dr. Anthony Fauci. Overall, NIH expects to spend $88 million on this type of research in fiscal year (FY) 22.

NIH and the Department of Health and Human Services (HHS) did not respond to Fox News’ requests for comment.

Fauci’s institute has come under fire for research surrounding the coronavirus, among other things. More recently, WCW uncovered an experiment in which dogs were injected with cocaine. Other experiments involving humanized mice have surfaced.

One study involved humanizing mice through “reconstitution with human fetal liver (17 to 22 weeks of gestational age).” So far, that project has received funding through multiple NIAID grants, including one with more than $20 million between 2014-2018.

Another study, funded by the National Eye Institute, entailed studying fetal eye cells. That study says the eye cells were obtained from Advanced Biosciences Resources, which has come under fire for its connections to Planned Parenthood. Fetal lungs were also incorporated as part of federally funded research with the University of Wyoming and University of North Carolina – Chapel Hill.

The conservative watchdog Judicial Watch previously released documents showing that the Food and Drug Administration (FDA) sought “fresh” fetal organs from ABR. In one email, the FDA’s Dr. Kristina Howard tells ABR’s procurement manager Perrin Larton that her company “should be prepaid for $12K of tissue purchases.”

Exhibit from NIH-funded study utilizing fetal lungs, liver and thymus.

Exhibit from NIH-funded study utilizing fetal lungs, liver and thymus. (National Library of Medicine)

The issue will likely continue to gain political attention as legislators learn more about various research projects, including those involving human-animal hybrids. Last year, the Senate rejected an amendment geared toward criminalizing participation in research that created certain chimeras, or human-animal hybrids, in expectation that the federal government could lift a moratorium on funding for those projects.

“Dr. Fauci’s funding of research using aborted fetal tissue is disgusting and indefensible,” said Rep. Lisa McClain, R-Mich. “My Safe RESEARCH Act would ensure that scientists can continue important research so long as they’re not using fetal tissue from abortions.” More details here.

Gotta wonder how come not one person in the Biden administration has been critical of this abuse…but we certainly understand why so many loyal religious groups have filed lawsuits and pushed back. What about the Vatican….anyone???