Taipei Commercial Bank ATM heists

On July 9 and 10 of 2016, the ATM network of the First Commercial Bank in Taiwan was hit by a well-coordinated hack that took control of the system, forcing selected ATM machines to spew cash out to waiting bagmen. The criminals made off with over NT$83 million (US$2.5 million) in a single weekend, making this one of the biggest robberies ever in Taiwan.

“This is the first time that an international team of ATM thieves has committed a crime in Taiwan,” the head of the police’s Criminal Investigation Division, Lee Wen-chang, told the media.

As 2016 waned and investigators continued to pore over the available data, a report by international cybersecurity investigations firm Group-IB linked the hack and heist of First Bank to an international syndicate likely based in Russia or East Europe. The gang has been code-named “Cobalt” based on its use of a publicly available security testing tool, Cobalt Strike, to gain access to banks’ networks and thereby to its ATM machines.

The group has used this approach to pull off coordinated attacks enabling it to rob millions of US dollars beginning last June. Cobalt is linked to attacks on ATM networks mostly in Europe but also in Asia. Besides Taiwan, the other countries affected have included Britain, Estonia, Malaysia, the Netherlands, Poland, Russia, Spain, and Thailand.

The group that orchestrated the theft of over $2 million from cash machines at Taiwan’s First Commercial Bank in July was also behind an ATM hacking spree in more than a dozen European nations last year, according to cyber security firm Group-IB.

The methods that the so-called Cobalt group used in Europe matched those used in Taiwan, Group-IB said in its latest client report.

Wearing hats and antipollution masks, they loitered at the machine for a moment. Then, as the astonished couple in line behind them later told the police, the ATM started disgorging cash without either man touching it. The men shoved the bills into a satchel and brushed past them. As the Russians drove off in a black sedan, the couple spotted something on the ground: One of the guys had dropped his bank card.

By the time detectives traced Berezovsky and Berkman to the nearby Grand Hyatt the next day, the Russians had already jetted off to Moscow by way of Hong Kong. And they were just two of 15 “money mules” who’d hit 41 ATMs at 22 branches of First Commercial over that stormy weekend, the cops learned, taking 83 million New Taiwan dollars (NT$), or about $2.6 million. Hackers, investigators discovered, had forced the machines to spit out cash.

The Carbanak gang had struck again.

Before WannaCry, before the Sony Pictures hack, and before the breaches that opened up Equifax and Yahoo!, there was a nasty bit of malware known as Carbanak. Unlike those spectacular attacks, this malware wasn’t created by people interested in paralyzing institutions for ransom, publishing embarrassing emails, or taking personal data. The Carbanak guys just wanted loot, and lots of it.

Since late 2013, this band of cybercriminals has penetrated the digital inner sanctums of more than 100 banks in 40 nations, including Germany, Russia, Ukraine, and the U.S., and stolen about $1.2 billion, according to Europol, the European Union’s law enforcement agency. The string of thefts, collectively dubbed Carbanak—a mashup of a hacking program and the word “bank”—is believed to be the biggest digital bank heist ever. In a series of exclusive interviews with Bloomberg Businessweek, law enforcement officials and computer-crime experts provided revelations about their three-year pursuit of the gang and the mechanics of a caper that’s become the stuff of legend in the digital underworld.

Besides forcing ATMs to cough up money, the thieves inflated account balances and shuttled millions of dollars around the globe. Deploying the same espionage methods used by intelligence agencies, they appropriated the identities of network administrators and executives and plumbed files for sensitive information about security and account management practices. The gang operated through remotely accessed computers and hid their tracks in a sea of internet addresses. “Carbanak is the first time we saw such novel methods used to penetrate big financial institutions and their networks,” says James Chappell, co-founder and chief innovation officer of Digital Shadows Ltd., a London intelligence firm that works with the Bank of England and other lending institutions. “It’s the breadth of the attacks, that’s what’s truly different about this one.”

Three Eastern European men were arrested in Taiwan in July on suspicion of collecting cash stolen from ATMs owned by First Commercial Bank, a unit of First Financial Holding Co Ltd.

Attorneys for the three defendants in an ongoing trial in Taipei told Reuters their clients were not familiar with Cobalt.

The men – identified in court documents as Peregudovs Andrejs of Latvia, Colibaba Mihail of Romania and Pencov Nicolae of Moldova – were among a total of 22 individuals, all foreign nationals, that Taiwanese authorities suspect of taking part in the theft, where most of the money was subsequently recovered.

The suspects used malware dubbed “ATM spitter” in the First Commercial Bank attacks, as well as similar hacks in countries including Armenia, Belarus, Britain, Bulgaria, Estonia, Georgia, Kyrgyzstan, Moldova, the Netherlands, Poland, Romania, Russia and Spain, Group-IB said in a report to its customers that Reuters reviewed on Thursday.

Group-IB first detailed the European spree in a report published in November, identifying the hackers as the Cobalt group.

The firm linked Cobalt to the Taiwan heist in its report last week.

Investigators in Taiwan told Reuters they were not aware of any links between Cobalt and the hackers behind the First Commercial Bank heist.

“What we can say is the people behind this hacking were very good,” a Taiwanese investigator familiar with the case told Reuters, on condition of anonymity because the investigator was not authorized to speak with media.

The defendants, who maintain their innocence, said in a court hearing on Wednesday that they were not members of any international crime organization. Taipei prosecutors have said they suspect First Commercial Bank’s network was breached at a London branch office.

One of the suspected ringleaders of an ATM heist nearly two years ago has been arrested in Spain, the Criminal Investigation Bureau (CIB) said in a statement on Monday.

The investigation into the theft of more than NT$83 million (US$2.85 million at the current exchange rate) from state-run First Commercial Bank ATMs has lasted nearly 20 months and involved the joint efforts of Taiwanese authorities, the Spanish national police, the European Cybercrime Centre and private cybersecurity companies, the bureau said.

Identified only as Denys, the Russian is believed to be one of the leaders of a cybercrime syndicate called “Cobalt,” which is suspected of targeting banks, e-payment systems and financial institutions around the world using malware, known as Cobalt Strike, since 2016, the bureau said.

The group has allegedly infiltrated more than 100 financial institutions in 40 nations and stolen about 1 billion euros (US$1.2 billion).

A total of 22 suspects from six countries were involved in the high-profile theft in Taiwan from July 9 to July 11, 2016.

Nineteen of the suspects fled the nation and were placed on a wanted list.

Members of the international ring allegedly withdrew money from 51 First Commercial Bank ATMs in Taipei, New Taipei City and Taichung after using malware to hack into the bank’s computer system.

Authorities were alerted to the hack when members of the public in Taipei reported seeing two men collecting cash from an ATM in the middle of the night.

Police were able to track down and arrest three men — one who was allegedly indirectly involved in the heist and two who were allegedly in Taiwan to recover the money and transfer it out of the nation.

About NT$5.79 million of the stolen cash is still unaccounted for.

Posted in Uncategorized | Tagged , , , , , , , | Leave a comment

NotPetya cyber-attacks



In 2017, Delivery company FedEx says a recent cyber-attack cost its TNT division about $300m (£221m).

The company was one of several to have its computer systems severely disrupted by the NotPetya ransomware outbreak in June.

Other international companies have also taken sizeable financial hits as a result of the malware.

Shipping company Maersk announced in August that it had costed its damage at “up to $300m”.

And consumer goods company Reckitt Benckiser warned the attack was likely to have cost it £110m.

For the past four and a half years, Ukraine has been locked in a grinding, undeclared war with Russia that has killed more than 10,000 Ukrainians and displaced millions more. The conflict has also seen Ukraine become a scorched-earth testing ground for Russian cyberwar tactics. In 2015 and 2016, while the Kremlin-linked hackers known as Fancy Bear were busy breaking into the US Democratic National Committee’s servers, another group of agents known as Sandworm was hacking into dozens of Ukrainian governmental organizations and companies. They penetrated the networks of victims ranging from media outlets to railway firms, detonating logic bombs that destroyed terabytes of data. The attacks followed a sadistic seasonal cadence. In the winters of both years, the saboteurs capped off their destructive sprees by causing widespread power outages—the first confirmed blackouts induced by hackers.

But those attacks still weren’t Sandworm’s grand finale. In the spring of 2017, unbeknownst to anyone at Linkos Group, Russian military hackers hijacked the company’s update servers to allow them a hidden back door into the thousands of PCs around the country and the world that have M.E.Doc installed. Then, in June 2017, the saboteurs used that back door to release a piece of malware called ­NotPetya, their most vicious cyberweapon yet.

The result was more than $10 billion in total damages, according to a White House assessment confirmed to WIRED by former Homeland Security adviser Tom Bossert, who at the time of the attack was President Trump’s most senior cybersecurity-­focused official. Bossert and US intelligence agencies also confirmed in February that Russia’s military—the prime suspect in any cyberwar attack targeting Ukraine—was responsible for launching the malicious code. (The Russian foreign ministry declined to answer repeated requests for comment.)

White House press secretary Sarah Sanders, meanwhile, described NotPetya as “the most destructive and costly cyberattack in history.”

“It was part of the Kremlin’s ongoing effort to destabilize Ukraine and demonstrates ever more clearly Russia’s involvement in the ongoing conflict. This was also a reckless and indiscriminate cyberattack that will be met with international consequences,” Sanders said.

The code that the hackers pushed out was honed to spread automatically, rapidly, and indiscriminately. “To date, it was simply the fastest-propagating piece of malware we’ve ever seen,” says Craig Williams, director of outreach at Cisco’s Talos division, one of the first security companies to reverse engineer and analyze Not­Petya. “By the second you saw it, your data center was already gone.”

NotPetya was propelled by two powerful hacker exploits working in tandem: One was a penetration tool known as EternalBlue, created by the US National Security Agency but leaked in a disastrous breach of the agency’s ultrasecret files earlier in 2017. EternalBlue takes advantage of a vulnerability in a particular Windows protocol, allowing hackers free rein to remotely run their own code on any unpatched machine.

NotPetya’s architects combined that digital skeleton key with an older invention known as Mimikatz, created as a proof of concept by French security researcher Benjamin Delpy in 2011. Delpy had originally released Mimikatz to demonstrate that Windows left users’ passwords lingering in computers’ memory. Once hackers gained initial access to a computer, Mimikatz could pull those passwords out of RAM and use them to hack into other machines accessible with the same credentials. On networks with multiuser computers, it could even allow an automated attack to hopscotch from one machine to the next.

Before NotPetya’s launch, Microsoft had released a patch for its EternalBlue vulnerability. But EternalBlue and Mimikatz together nonetheless made a virulent combination. “You can infect computers that aren’t patched, and then you can grab the passwords from those computers to infect other computers that are patched,” Delpy says.

NotPetya took its name from its resemblance to the ransomware Petya, a piece of criminal code that surfaced in early 2016 and extorted victims to pay for a key to unlock their files. But NotPetya’s ransom messages were only a ruse: The malware’s goal was purely destructive. It irreversibly encrypted computers’ master boot records, the deep-seated part of a machine that tells it where to find its own operating system. Any ransom payment that victims tried to make was futile. No key even existed to reorder the scrambled noise of their computer’s contents.


The NSA security leak.

Fifteen months into a wide-ranging investigation by the agency’s counterintelligence arm, known as Q Group, and the F.B.I., officials still do not know whether the N.S.A. is the victim of a brilliantly executed hack, with Russia as the most likely perpetrator, an insider’s leak, or both. Three employees have been arrested since 2015 for taking classified files, but there is fear that one or more leakers may still be in place. And there is broad agreement that the damage from the Shadow Brokers already far exceeds the harm to American intelligence done by Edward J. Snowden, the former N.S.A. contractor who fled with four laptops of classified material in 2013.

Mr. Snowden’s cascade of disclosures to journalists and his defiant public stance drew far more media coverage than this new breach. But Mr. Snowden released code words, while the Shadow Brokers have released the actual code; if he shared what might be described as battle plans, they have loosed the weapons themselves. Created at huge expense to American taxpayers, those cyberweapons have now been picked up by hackers from North Korea to Russia and shot back at the United States and its allies.

Inside the agency’s Maryland headquarters and its campuses around the country, N.S.A. employees have been subjected to polygraphs and suspended from their jobs in a hunt for turncoats allied with the Shadow Brokers. Much of the agency’s arsenal is still being replaced, curtailing operations. Morale has plunged, and experienced specialists are leaving the agency for better-paying jobs — including with firms defending computer networks from intrusions that use the N.S.A.’s leaked tools.

EternalBlue is the name of both a software vulnerability in Microsoft’s Windows operating system and an exploit the National Security Agency developed to weaponize the bug. In April 2017, the exploit leaked to the public, part of the fifth release of alleged NSA tools by the still mysterious group known as the Shadow Brokers. Unsurprisingly, the agency has never confirmed that it created EternalBlue, or anything else in the Shadow Brokers releases, but numerous reports corroborate its origin—and even Microsoft has publicly attributed its existence to the NSA.

The tool exploits a vulnerability in the Windows Server Message Block, a transport protocol that allows Windows machines to communicate with each other and other devices for things like remote services and file and printer sharing. Attackers manipulate flaws in how SMB handles certain packets to remotely execute any code they want. Once they have that foothold into that initial target device, they can then fan out across a network.

In the aftermath of WannaCry, Microsoft and others criticized the NSA for keeping the EternalBlue vulnerability a secret for years instead of proactively disclosing it for patching. Some reports estimate that the NSA used and continued to refine the EternalBlue exploit for at least five years, and only warned Microsoft when the agency discovered that the exploit had been stolen. EternalBlue can also be used in concert with other NSA exploits released by the Shadow Brokers, like the kernel backdoor known as DarkPulsar, which burrows deep into the trusted core of a computer where it can often lurk undetected.

At this point, EternalBlue has fully transitioned into one of the ubiquitous, name-brand instruments in every hacker’s toolbox—much like the password extraction tool Mimikatz. But EternalBlue’s widespread use is tinged with the added irony that a sophisticated, top-secret US cyber espionage tool is now the people’s crowbar. It is also frequently used by an array of nation state hackers, including those in Russia’s Fancy Bear group, who started deploying EternalBlue last year as part of targeted attacks to gather passwords and other sensitive data on hotel Wi-Fi networks.

New examples of EternalBlue’s use in the wild still crop up frequently. In February, more attackers leveraged EternalBlue to install cryptocurrency-mining software on victim computers and servers, refining the techniques to make the attacks more reliable and effective. “EternalBlue is ideal for many attackers because it leaves very few event logs,” or digital traces, Rendition Infosec’s Williams notes. “Third-party software is required to see the exploitation attempts.”

And just last week, security researchers at Symantec published findings on the Iran-based hacking group Chafer, which has used EternalBlue as part of its expanded operations. In the past year, Chafer has attacked targets around the Middle East, focusing on transportation groups like airlines, aircraft services, industry technology firms, and telecoms.

“It’s incredible that a tool which was used by intelligence services is now publicly available and so widely used amongst malicious actors,” says Vikram Thakur, technical director of Symantec’s security response. “To [a hacker] it’s just a tool to make their lives easier in spreading across a network. Plus they use these tools in trying to evade attribution. It makes it harder for us to determine whether the attacker was sitting in country one or two or three.”

It will be years before enough computers are patched against EternalBlue that hackers retire it from their arsenals. At least by now security experts know to watch for it—and to appreciate the clever innovations hackers come up with to use the exploit in more and more types of attacks.

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , | Leave a comment

Cryptocurrency Osaka Japan Hacked

Another cryptocurrency heist has shaken Japan. This time, 6.7 billion yen ($60 million USD) worth of company and user funds have vanished from Japanese cryptocurrency exchange platform Zaif.

Tech Bureau Corp, the Osaka-based company that operates Zaif, estimates the heist occured on September 14, 2018, between 5 p.m. and 7 p.m. local time. The exchange detected the breach on September 17, 2018, and reported the event to authorities the following day.

Of the stolen money, the hacker siphoned 4.5 billion yen (about $40 million USD) from user accounts and 2.2 billion yen (just under 19.5 million USD) from the company’s own assets. The three virtual currencies stolen include bitcoin, monacoin and bitcoin cash. Of those, $37.8 million were bitcoin funds (5,966 BTC).

Tech Bureau Corp will be able to tell the exact number of bitcoin cash and monacoin stolen once it gets its servers back up. All the cryptocurrency was taken from a server managing its hot wallet. A hot wallet refers to a wallet that remains online for immediate transactions. In contrast, a cold wallet represents more secure, long-term storage that is kept offline.

Early this year, Tokyo-based Coincheck saw a loss of $530 million worth of NEM tokens. That hack represented one of the largest financial losses since the introduction of bitcoin. Coincheck has since been acquired by Monex.

Since April 2017, Japan has required all of its crypto exchanges to be licensed. Both Coincheck and Tech Bureau Corp were founded in 2014, before the new laws went into effect. Coincheck was not fully licensed at the time it was hacked, but Tech Bureau Corp is a registered exchange.


The New York State Attorney General’s office has ratcheted up its war of words against cryptocurrency exchanges, warning consumers of the myriad of risks they face in depositing money on these platforms.

Crypto Exchanges at Risk of Manipulation
In a lengthy report on the “Virtual Markets Integrity Initiative,” New York’s Attorney General argues that online cryptocurrency exchanges are vulnerable to manipulation, fraud and other types of abuse. Consumers of these platforms therefore “face significant risks” from hackers and the exchange operators themselves, some of which have been known to exploit “deceptive and predatory practices, market manipulation, and insider abuses.

“[V]irtual asset trading platforms now in operation have not registered under state or federal securities or commodities laws,” the report says. “Nor have they implemented common standards for security, internal controls, market surveillance protocols, disclosures, or other investor and consumer protections. Accordingly, customers of virtual asset trading platforms face significant risks.”

The report, which examines ten cryptocurrency exchanges operating in the U.S. and internationally, concludes a six-month investigation that was initiated by New York Attorney General Eric T. Schneiderman. Back in April, Schneiderman sent letters to 13 exchanges requesting information on their operations and internal controls.

Several Exchanges in the Hot Seat
At least four cryptocurrency exchanges were outed by the Attorney General’s office as being most problematic and possibly operating illegally in the state of New York. Not coincidentally, these exchanges refused to participate in the Attorney General’s request for information.

The report reads:

“Customers should be aware that the platforms that refused to participate in the OAG’s Initiative (Binance,, Huobi, and Kraken) may not disclose all order types offered to certain traders, some of which could preference those traders at the expense of others, and that the trading performance of other customers on those venues could be negatively affected as a result.”

June 2011: Bitcoin user loses $500,000 in bitcoin to hackers
In early 2011, Bitcoin had been a tight-knit community of hobbyists. Mining bitcoins was easier back then: people could generate thousands of bitcoins using a conventional home PC.

That’s what allinvain, a user on the Bitcoin Talk forums, claimed to have done, amassing a fortune of 25,000 bitcoins. Bitcoins were worth pennies in 2010, but, by early June 2011, the price of bitcoins had soared to $20, making his bitcoins worth around $500,000.

Then, on June 13, disaster struck for allinvain. “I just woke up to see a very large chunk of my Bitcoin balance gone,” he wrote. Allinvain believed that someone had hacked into his PC and stolen the bitcoins from his hard drive, transferring them to an account controlled by the hackers.

If those coins had not been stolen—and he’d held on to them until today—they would be worth around $250 million.

August 2011: Wallet service MyBitcoins disappears from the Web
Bitcoin wallet services offer to store bitcoins on users’ behalf. These were initially portrayed as a convenience to the customer, but many of them turned out to be either insecurely run or outright frauds (it can be hard to tell, since the frauds tend to claim they were hacked).

One wallet service that was popular in Bitcoin’s early days, for example, was called MyBitcoin. In August 2011, the company disappeared from the Web, claiming the site was hacked.

This and similar experiences have made the Bitcoin community suspicious of online wallet services. With no real regulation, there’s no way for users to verify that a wallet service is reliable.

An exception to this is client-side Web wallets like the one offered by In these services, customer data is only stored in encrypted form on the server. Data is encrypted on the client side with a customer-provided password. That approach makes users less vulnerable than traditional wallet services where the service provider has direct control of the bitcoins.

March 2012: Hacked Web host leads to stolen bitcoins
Hackers exploited a vulnerability in the shared online web host Linode to steal at least 46,703 bitcoins—then worth more than $200,000—from several Linode users. That included more than 43,000 bitcoins stolen from Bitcoinica, an early Bitcoin exchange.

Bitcoinica suffered a second hack in May 2012 that cost the company another 18,000 bitcoins. It was then taken offline for a security audit. Bitcoinica didn’t survive these incidents. In August 2012, the site was sued by several users seeking the return of $460,000 in deposits.

One lesson of the Linode debacle is that Bitcoin-related businesses have to be extremely careful when operating on shared hosting providers. Bitcoins are secured by encryption keys. If any third party—either other customers or rogue employees—has access to customer data, they will be able to read the encryption keys and use them to transfer bitcoins away from their owners.

August 2012: Bitcoin Ponzi scheme is shut down
The Bitcoin Savings and Trust was a classic Ponzi scheme. Customers were lured in with a promise of high returns—seven percent per week—and new customers’ deposits were used to pay profits to previous customers.

The scheme shut down in August 2012, and a year later the government indicted organizer Tendon Shavers. The government accused him of raising more than 700,000 bitcoins from gullible customers. In 2014, a judge ordered Shavers to repay victims more than $40 million. The judge found the scheme had cost victims 265,678 bitcoins.

September 2012: More exchanges get hacked, shut down
In September 2012, a Bitcoin exchange called Bitfloor suffered a catastrophic attack. Attackers stole 24,000 bitcoins, then worth around $250,000. Bitfloor didn’t have $250,000 in reserves, so the theft effectively made Bitfloor insolvent.

Bitfloor resumed operations a few weeks later, hoping to earn enough in fees to repay earlier customers. But the effort was unsuccessful; Bitfloor closed its doors for good in April 2013, leaving frustrated users in its wake.

February 2014: Hackers bring down the world’s then-largest exchange
The Bitcoin world’s biggest financial fiasco was the collapse of Mt. Gox—then the world’s leading Bitcoin exchange—in 2014. Operated by French-born CEO Mark Karpelès from a headquarters in Japan, Mt. Gox was the main way people bought and sold Bitcoins from its foundation in 2010 until February 2014. Then Mt. Gox announced that 850,000 bitcoins had gone missing—likely stolen by hackers, the company said.

At early 2014 prices, those bitcoins were worth around $450 million. Today, they’d be worth $8.5 billion.

In July, US law enforcement officials announced they had arrested a suspect in the massive theft. A Russian man named Alexander Vinnik was the owner and operator of a competing Bitcoin exchange called BTC-e. The feds allege that he knowingly accepted stolen bitcoins from Mt. Gox and laundered them through his own bitcoin exchange.

The collapse of Mt. Gox left no shortage of angry customers. Ironically, the continued appreciation of Bitcoin’s value means that the bankrupt company could eventually be able to repay its debts in full—with piles of money left over. Mt. Gox’s assets and liabilities were frozen while the company worked through the bankruptcy process. The liabilities were frozen in terms of Japanese yen, while the company’s remaining bitcoins have ballooned in value—from around $400 each at the time of the bankruptcy to around $11,000 today.

Obviously, Mt. Gox’s former creditors believe they should be repaid in appreciated bitcoins, but Japanese law might not be on their side.

January 2015: Bitstamp exchange is hacked
In January 2015, the popular Bitcoin exchange Bitstamp reported that it had lost around 19,000 bitcoins, then worth about $5 million. The exchange survived the attack and remains a leading Bitcoin exchange today.

August 2016: Another exchange loses 120,000 bitcoins to hackers
In August 2016, the Bitcoin exchange Bitfinex announced that hackers had stolen $77 million worth of bitcoins. The company foisted these costs on to users, forcing them to take a 36-percent reduction in the value of their deposits.

Bitfinex is still around, but there are big questions about the company’s credibility. As the New York Times puts it, Bitfinex is an “opaque operation that provides no information on its website about where it is or who operates the company.”

Posted in Uncategorized | Tagged , , , , , , , , , | Leave a comment

Cameroon’s civil war

Cameroon’s governance and security problems have historically attracted little outside attention. But this seems likely to change, for two reasons. The first is the growing political crisis in the Central African nation’s English-speaking region. The second is a presidential election scheduled for October 2018.

Roughly 20% of the country’s population of 24.6 million people are Anglophone. The majority are Francophone. The unfair domination of French-speaking politicians in government has long been the source of conflict.

For a year and a half, the Cameroonian military has been accused of beating and arresting people suspected of being separatists, torching homes and killing unarmed protesters

Activists in the country’s Anglophone western regions are protesting their forced assimilation into the dominant Francophone society. They argue that this process violates their minority rights, which are protected under agreements that date back to the 1960s. Anglophone political representation and involvement at many levels of society has dwindled since the Federal Republic of Cameroon became the United Republic of Cameroon in 1972. There are growing calls for the Anglophone region to secede from Cameroon.

After World War I, the territory was divided between France and the United Kingdom as League of Nations mandates. In 1960, the French-administered part of Cameroon became independent as the Republic of Cameroun. More than a decade later the southern part of British Cameroons federated with it in 1961 to form the Federal Republic of Cameroon. This was abandoned when it was also renamed the United Republic of Cameroon in 1972 and again in 1984 as the Republic of Cameroon.

It began in 2016 with demonstrations by English-speaking lawyers, students and teachers.
Protests against marginalisation by the French-speaking majority were met with a crackdown.
Activists were arrested, and several protesters shot by security forces.
Separatist demands for an independent state grew, resulting in increasing violence.
Some symbolically proclaimed the independence of a new state called “Ambazonia”.
Some 160,000 people have fled their homes in Cameroon, the UN says.
More than 20,000 have fled to Nigeria.
Journalists are being denied access to conflict zones.

On 12 June 2018, Amnesty International issued a report documenting human rights violations in Cameroon. The International Crisis Group says that at least 120 civilians and 43 members of security forces have been killed in the most recent waves of violence.


Posted in Uncategorized | Tagged , , , | Leave a comment

Trump Resignation Playbook

As the Cohen net encircles with Russian $500,000 and many texts from Trump to him for years. It is possible a scenario that Trump resigns before impeachment. Pence would take over.

It is probable that impeachment procedings would play out, but also could stop.

A year later, Pence pardons Trump as Ford did Nixon. September 2018 could be the month.


Posted in Uncategorized | Leave a comment

Why does Serbia want more Mig fighters?

Belarus has agreed to donate four MiG-29 fighters to Serbia, Defence Minister Aleksandar Vulin told the Politika daily on 21 April.

mig apr 25 2018 3.png

They “will be overhauled and modernised under the same model as the six aircraft received from the Russian Federation”, Vulin said.

In October 2017 Russia transferred six decommissioned MiG-29s to Serbia under a multi-year agreement covering long-term logistics, the general overhaul, and modernisation of the entire Serbian MiG-29 fleet.

Minister Vulin added that this delivery makes up the fleet of 14 MiG-29 fighter jets under Serbian Army, thanks to the supplies of six MiG-29 fighter jets from Russia and four such warplanes from Belarus.

The Serbia defense minister said that while visiting Moscow in April he had had talks with his Russian counterpart, Sergei Shoigu on supplies of four Mi-35 combat helicopters, four Mi-17 transport helicopters, T-72 tanks, BMP-2 armored infantry carriers and missile defense systems.

Now the warplanes are to be modernized in three stages. The country plans to spend a sum from 180 million to 230 million euro for these purposes. Along with MiG-29 fighter jets, Russia’s assistance to Serbia will include 30 T-72 tanks and 30 BRDM-2 combat patrol vehicles. Apart from that, the sides are discussing supplies of Buk-M1 and Buk-M2 missile systems and Tunguska surface-to-air gun and missile systems. Earlier, Belarus announced its plans to hand over to Serbia in 2018 eight MiG-29 fighter jets and two Buk missile systems on condition that Belgrade pays for their repairs.

Serbian Defense Minister Aleksandar Vulin called off his visit to an annual memorial service for the victims of a World War Two extermination camp held in Croatia on Sunday after Croatia said he was not welcome.

The two ex-Yugoslav republics began trading barbs last week when a Croatian delegation cut short a trip to Serbia after a Serbian radical lawmaker and convicted war criminal shouted insults at them and tried to rip up the Croatian flag.

The delegation’s visit had been part of an effort to heal ties between the two neighbors, hostile to each other since Croatia fought a war of independence from Yugoslavia in the early 1990s in which around 20,000 people were killed.

The EU would defend Croatia. Unless it was busy elsewhere.


one view

Since the dissolution of Yugoslavia, Croatia and Serbia have never had better economic relations than today. 
Croats are buying Serbian products in all forms, shapes, and sizes – from home-made ajvar (Balkan pepper relish) to pop music.
Serbs are also considered to be the top tourists on Croatia’s Adriatic coast, outspending people from countries like Austria. So the ‘barbaric enemies at the gates’ theory for these weapons purchases doesn’t seem that plausible.

Another thing is that because Croatia joined NATO in 2009 and the EU in 2013, this doesn’t really seem like a local or regional issue. To put it bluntly, matters are not really decided in Zagreb anymore – and any problem that Belgrade might have with Washington or Brussels will not be resolved with military helicopters.

That was the main reason why Croatia entered NATO – because the principle of collective defence means that we should not have to worry too much about what Serbia is doing, and if worries do surface, we have back-up.





Posted in Uncategorized | Tagged , , , , | Leave a comment

Armenian PM Sarkisian Resigns

Thousands of jubilant Armenians have poured into Yerevan’s main square to celebrate the resignation of Prime Minister Serzh Sarkisian, who stepped down amid widespread street protests over his election to the newly powerful post following 10 years as president.

How 11 days of protests brought down Armenia's leader Serzh Sargsyan

The Armenian Defense Ministry condemned what it said was their (soldiers)  illegal action, saying the men belonged to a brigade of military peacekeepers.

“The harshest legal measures will be taken against the soldiers,” it said in a statement.

Opposition supporters accused Mr Sargsyan of clinging to power after he was appointed prime minister last Tuesday, soon after finishing two five-year terms as president.

“The street movement is against my tenure. I am fulfilling your demand,” he said in a statement.

Former prime minister Karen Karapetyan takes over as acting PM, reports said.


The announcement came soon after opposition leader Nikol Pashinyan was released from detention. Mr Pashinyan had been arrested on Sunday after televised talks with Mr Sargsyan collapsed.

As well as Mr Pashinyan, two other opposition politicians and some 200 demonstrators were held.

His political opponents accused him of changing the country’s laws so he could hold on to power for another 10 years. In late 2015, the country’s government pushed through a controversial constitutional referendum that would downgrade the presidency to a mostly symbolic position and give increased power to the prime minister. Many observers said this change was designed to allow Sargsyan to transition from the presidency to the premiership when his legal term limit was reached.

Tens of thousands of Armenians have demonstrated against the rule of Serzh Sargsyan, many of them gathering in Republic Square last night

Sargsyan had always been a controversial figure. At least eight people died during clashes with police when he was elected to office in 2008. He won a second five-year term in 2013 after several political opponents suddenly resigned and one candidate was shot in what many said was an assassination attempt.

It followed years of frustration over social and economic issues, and ultimately the “four-day war” in April 2016 over the disputed Nagorno-Karabakh territory that caused dozens of casualties, bringing Armenia and Azerbaijan close to all-out conflict.

Observers drew parallels between Armenia’s so-called strongman and the Russian president, as well as Recep Tayyip Erdogan in Turkey. After completing his limit of two presidential terms, Vladimir Putin became prime minister of Russia in 2008 before returning to the presidency in 2012. Erdogan graduated from years as prime minister to become president, with beefed-up powers.

Sargsyan has a close relationship with Putin, which critics say has made Yerevan too tied to Moscow.


Posted in Uncategorized | Tagged , , | Leave a comment