14 dead in Russian Sub Fire

A fire aboard a Russian deepwater submersible killed 14 Russian crew members, state news agencies reported Tuesday, citing the Ministry of Defense.

The submariners died from smoke inhalation after a blaze broke out on the craft, which was carrying out research in Russian territorial waters, according to the state-run news agency Tass.

The Russian media outlet RBC cited an unnamed military source as saying the submarine was an AS-12, which is powered by a nuclear reactor and designed to carry out special operations at extreme depths.

That vessel, nicknamed the “Losharik”, was launched in 2003 and is one of the most secret submarines in the Russian fleet. The Losharik spy submarine is capable of diving to extreme depths and possibly involved in the tapping and severing of underwater communications cables. Losharik is reputed to be the most silent and hard-to-detect submarine in the navy of #Russia — able to dive to a depth of 6,000 meters.

The 2000-ton vessel can carry 25 crew members and can be carried under the belly of a much larger Delta III nuclear sub.

Norwegian authorities said on Tuesday they have not detected abnormally high levels of radiation after a Russian submarine caught fire in the area of the Barents Sea.

“We have made checks and we are not monitoring too high radiation levels in the area,” Per Strand, a director at the Norwegian Radiation and Nuclear Safety Authority, told Reuters. He said his agency had seen Russian media reports that a gas explosion took place on board the submarine.

 

President Vladimir Putin on Tuesday called the loss of 14 navy officers in the fire a “big loss”, ordering a full investigation into what happened.

“We express our deepest condolences to the families of those who died. We will do everything we can to support them,” said Putin, who cancelled a public engagement to deal with the incident.

Posted in Uncategorized | Tagged , , , , | Leave a comment

Iran – Prelude to War?

13 July 2019 the Front Altair burning. Apparently, mines were placed at night on the side of the ships.  This is a Norway owned, Marshall Island flagged vessel.

Kokuka Courageous with damage on the sides.  Yutaka Katada is the president of the Kokuka Sangyo shipping company which own this ship.

Image result for Kokuka Courageous

Iranian fast battle ship removing the unexploded Limpet Mine in the dark.

Limpet mines were also used in the Fujairah attack where the UAE, Norway and Saudi Arabia, whose tankers were sabotaged, said a “state actor” was the culprit. This was coordinated attacks on four oil tankers that took place on the morning of 12th May 2019 off the port of Fujairah off the coast of UAE.

On May 7, 1915, a German U-boat torpedoed the British-owned luxury steamship Lusitania, killing 1,128 people including 128 Americans. The disaster immediately strained relations between Germany and the neutral United States, fueled anti-German sentiment and set off a chain of events that eventually led to the United States entering World War I.

 

 

 

Posted in Uncategorized | Tagged , , , , | Leave a comment

Sri Lanka Bombing Aftermath

The devastating Easter Sunday bombings in Sri Lanka were locally planned and executed, without direct guidance from the Islamic State militant group, investigators said.

1 St. Anthony’s Shrine A suicide blast went off at this Roman Catholic church in Kochchikade, Colombo, around 8:45 a.m. Witnesses described scenes of terror and carnage. “It was a river of blood,” said N. A. Sumanapala, a shopkeeper who works near the church. “Ash was falling like snow.”

2 Shangri-La hotel A suicide blast hit the Table One Restaurant, which was serving Easter brunch, on the hotel’s third floor just before 9 a.m. Another suicide bomb was detonated in hotel corridor.

3 Kingsbury Hotel A suicide bomb shattered windows and walls.

4 Cinnamon Grand Hotel The hotel had been blown up before, in 1984, when it was called the Hotel Lanka Oberoi.

5 Dematagoda housing complex At around 2:45 p.m., a few hours after the initial wave of bombings, a suspect who was being questioned by the police in a Colombo suburb detonated a suicide bomb, killing three officers, according to officials. Explosives were found inside, and three suspects were arrested.

6 Tropical Inn A blast occurred at this small hotel near the national zoo in Dehiwala, a suburb of Colombo later at around 2 p.m.
In the days leading up to Easter Sunday’s devastating suicide bombings that killed at least 250 people in Sri Lanka, the country’s security agencies had been closely watching a secretive cell of the national Thowheeth Jama’ath,  a little-known radical Islamist organization that security officials in Sri Lanka now say carried out the attacks and may have received help from abroad. They knew the group was dangerous. They had collected intelligence on the whereabouts of its leaders in the April 11 security memo, which warned of Catholic church bombings. They had been warned even earlier by India that the group, also known by the spelling National Thowheed Jama’ath, was plotting church attacks. They knew as far back as January that radical Islamists possibly tied to the group had stockpiled weapons and detonators. And within hours of when three churches and three hotels were bombed, Sri Lankan security services swooped down on at least 24 suspects — by Tuesday the number had grown to 40 — suggesting that officials also knew exactly where the group had been operating. Why the security agencies failed to act aggressively on the information before the bombings is now an enormous question. It has been further complicated by a feud between the president and prime minister, which left the prime minister, Ranil Wickremesinghe, ignorant of the information the security agencies possessed — leading to bitter recriminations that have created a new government crisis.

Two Sri Lankan Muslim extremists learned how to build the explosive devices that killed more than 250 people in churches and hotels by studying Islamic State designs on the internet and conducting trial-and-error tests, including one that cost a bomb maker several fingers last year, people involved in the probe said.

Raids on a supposed bomb workshop and an Islamic State hide-out left at least 15 dead and brought the total arrests so far to more than 70. Around midnight, explosions and a gun battle erupted at a house in the east as security forces closed in. The military said on Saturday morning that 15 people had been killed there, including four suicide bombers who detonated their explosives.

Given Sri Lanka’s nearly thirty-year-long civil war, which ended only a decade ago with the defeat of the Tamil Tigers (Liberation Tigers of Tamil Eleam, or LTTE), government intelligence, security, and law enforcement officers were likely focused on monitoring the country’s Tamil population and preventing a resurgence or resurrection of the Tigers. Far less attention would have been focused on Sri Lanka’s small Muslim community. This inattention could have created the opportunity for a local group—perhaps with external encouragement or support—to emerge from obscurity and perpetrate such horrifically lethal attacks.

Posted in Uncategorized | Tagged , , , , , | Leave a comment

X-Agent and X-Tunnel Malware

malware 18 2019 102

The Mueller Report release today released some new information. We were fascinated by this comment. Why did the computer anti-virus miss these two malwares?

Agent-X is a proxy server.

In order to run automatically when Windows starts up the Trojan creates
a hidden folder named sr64 under the current user’s Application Data
folder and copies itself to a randomly-named file in this folder. The
Trojan then creates the following registry entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\sr64

Agent-X drops and loads a library file named sr32.dll in the same
hidden folder. This library file has stealth functionality which hides
the Trojan’s files and registry entries.

Agent-X runs a HTTP proxy and a SOCKS proxy, allowing a remote
attacker to route web or general-purpose traffic through the infected
machine.

Every 10 minutes the Trojan reports its presence and optionally attempts
to download an updated version of itself. Both the port numbers for the
proxy servers and the URLs for reporting and updating are stored in an
encrypted block of data at the end of the Trojan’s executable file.

The Trojan also creates the following registry entries for its own use:

HKCU\Software\Microsoft\Windows\CurrentVersion\Hash
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\btidnt

X-Agent is a signature tool of Fancy Bear operations—a cross-platform backdoor toolset with variants for Windows, MacOS, Android, and iOS. The Windows and MacOS versions of X-Agent are capable of recording keystrokes, taking screenshots, and exfiltrating files from infected systems back to a command and control server.

Lieutenant Captain Nikolay Kozacheck (who used the hacker monikers “kazak” and “blablabla1234465”) was the primary developer and maintainer of X-Agent, according to the Mueller indictment, and he was assisted by another officer, Pavel Yershov, in preparing it for deployment. Once X-Agent was implanted on the DNC and DCCC networks, Second Lieutenant Artem Malyshev (AKA “djangomagicdev” and “realblatr”) monitored the implants through the command and control network configured for the task.

The XTunnel malware that was used by Russian actor Fancy Bear to penetrate the Democrat National Committee (DNC) network was specifically designed to work against this target, Invincea researchers say.

The attack was carried out in April this year, but was the second time a Russian threat actor targeted DNC, after another group going by the name of Cozy Bear managed to penetrate the network in the summer of 2015. The incidents were analyzed by Crowdstrike, after DNC employees started receiving alerts from Yahoo regarding their potential account compromises.

The researchers discovered that the Fancy Bear threat actor used the XTunnel malware for compromise purposes. After taking a closer look at the malware, Invincea discovered that the malware didn’t cluster with other known threats and says that it was likely a “purpose-built original piece of code” meant to target the DNC network specifically.

As it turns out, the XTunnel tool has several capabilities that allowed it to easily compromise the targeted network, including VPN-style capabilities and the use of encryption (it exchanges SSH keys, uses private encryption keys, compresses and decompresses data, etc.). The malware also supports access to locally stored passwords, and can access the LDAP server, researchers discovered.

What’s more, the threat is modular, meaning that it can download additional files when needed, and can also probe the network for open ports, PING hosts, and send and receive emails. The malware has many other capabilities, some of which are shared by legitimate programs, Invincea reveals.

Some of the most important functions of the tool, however, include the ability “to hook into system drivers, access the local LDAP server, access local passwords, use SSH, OpenSSL, search and replace local files, and of course be able to maintain a persistent connection to a pre-specified IP address, even if the host is behind a NATed firewall,” Invincea’s Pat Belcher explains.

As if these abilities weren’t enough, the threat was also found to be able to monitor keyboard and mouse movements, and even to access webcams and USB drives. “That is a lot of capabilities packed into a file that is less than 2 MB in size,” Belcher notes.

Another interesting aspect of XTunnel is that its code isn’t obfuscated, as most modern malware employs this technique to make analysis challenging. This piece of malware contains strings of code that appear to be transparently showing exactly what the binary is intended to do, “as if it were originally developed to be an open source tool to provide encrypted tunnel access to internet hosts,” the security researcher says.

The researchers also discovered that the hackers used a very old but reliable network module –associated with softphone and VoIP applications over a decade ago – to maintain a fully encrypted, end-to-end Remote Access Trojan (RAT). Thus, the DNC didn’t have many options when it came to detecting the malware’s network activity, except to catch it “port knocking” on the inside of the firewall.

However, the security company notes that, since many organizations run a firewall configuration where inside host are allowed outbound without restrictions, this type of activity would have been almost impossible to detect if only logs were used. Even with restricted outbound access, XTunnel could have used ICMP or UDP protocols to connect to the Russian command and control server, Invincea says.

Invincea released a report on these malware, but clearing away from any “Russian attribution” statements. Their report focuses on X-Tunnel, the malware used to steal the data from the DNC servers.

The company’s malware expert, Pat Belcher, says that this is a one-of-a-kind malware variant that appears to be custom-built and used only in limited, targeted attacks, not sharing any similarities with other malware families.

The malware has many capabilities that would allow it to be used as a RAT, a remote access trojan, but it appears that its role was to help the crooks steal data from compromised systems.

RAT features discovered inside X-Tunnel’s measly 2MB file include the ability to open SSH connections, encrypt traffic using SSL, access LDAP servers, read/write from Windows Console, compress/decompress data, steal passwords, download/upload files, capture mouse movements, use proxies, modify Windows services, and many other more.

Nevertheless, the vast majority of the features found by Invincea’s analysis show a tool designed for data exfiltration above all.

X-Tunnel is based on an open-source network tunneling protocol
Belcher claims that the name X-Tunnel, given to this tool, is not a coincidence. The malware seems to be a rough modification of the XTunnel PortMap open source project by Xten, a Chinese company.

This application was developed on XTunnel, a protocol used in the early days of softphones and VoIP communications, and was used to open connections from firewalled networks to IPs on the outside of the network without having to request system administrators to open special ports.

The XTunnel protocol would probe the firewall on its own, searching for open ports, and use the first port it found to open a connection.

Development of the protocol stopped when Xten was acquired by another company, who closed-source the project, taking it out of the hands of the open-source community.

“The Fancy Bear threat actors used, by today’s standards, a very old, but still reliable network module used for softphone and video and VoIP capabilities to maintain a fully encrypted, end-to-end Remote Access Trojan (RAT),” Belcher explains.

“Previous reports from Crowdstrike and others note that the XTunnel tool was used to maintain network connectivity. Whether the XTunnel tool was used for additional purposes as its capabilities suggest is unknown, but it had the potential to support a full range of additional activity,” Belcher also added, reconfirming X-Tunnel’s additional RAT features.

A theory of the malware’s possible infection vector stems from a trojan named Komplex, which was found in September 2016 to be infecting Macs through a combination of emails sent to specific targets (aka spear phishing) and containing a PDF attachment that held the malicious code that would lead to infecting the system upon opening the PDF.

While this is a common vector for infection for many trojans, it is nonetheless important for users to practice safe internet habits and not open or preview emails from unknown senders, and under no circumstances should you ever open an attachment that is sent to you from someone you don’t know.

Install software only from authorized developers
While computers are understandably used to make our lives easier, the software that runs on them interacts with a lot of potentially sensitive data and can be targeted by threat actors or even be designed by them. To minimize this risk, Apple has implemented several technologies throughout the years, such as Gatekeeper and System Integrity Protection (SIP), that serve to allow authorized software developers with verified signatures the right to have their apps installed on macOS and to prevent malware from running by protecting system directories from unauthorized modification by rouge applications.

These technologies come turned on, by default, but can be manually disabled by administrators. Given the threats posed by malware introduced as trojans, setting Gatekeeper to allow software installs by the App Store and identified developers is a safe bet. Safer still, allowing software that comes from the App Store is the best protection.

 

 

 

 

Posted in Uncategorized | Tagged , , , , , , | Leave a comment

Microwave Weapons Are Prime Suspect in Ills of U.S. Embassy Workers

In 2016 and 2017, 25 Americans, including CIA agents, who worked in the U.S. Embassy in Cuba suffered serious brain injuries causing impaired vision and memory loss among other persistent symptoms. Now, we’ve learned that at least 15 American officials in China suffered unexplained brain trauma soon after.

American military itself sought to develop microwave arms that could invisibly beam painfully loud booms and even spoken words into people’s heads. The aims were to disable attackers and wage psychological warfare.

Now, doctors and scientists say such unconventional weapons may have caused the baffling symptoms and ailments that, starting in late 2016, hit more than three dozen American diplomats and family members in Cuba and China. The Cuban incidents resulted in a diplomatic rupture between Havana and Washington.

In China, 60 Minutes found similar issues.

Catherine Werner: I woke up in the middle of the night. I could feel this sound in my head. Um, it was intense pressure on both of my temples. At the same time, I heard this low humming sound, and it was oscillating. And I remember looking around for where this sound was coming from, because it was painful.

Scott Pelley: When did you first notice that you weren’t feeling well?

Catherine Werner: October of 2017, I started to get hives all over my body. Really bad hives. I woke up with headaches every day. Um, I started to feel tired. The simplest things would just make me very, very tired.

Scott Pelley: Were these symptoms growing worse over time?

Catherine Werner: They were. Yes. My symptoms would get so bad that I would throw up, or I would wake up with nosebleeds.

She says even her dogs were throwing up blood. Werner assumed her illness was connected to China’s toxic smog. She didn’t know it at the time but her symptoms were the same that American officials in Havana had suffered since 2016. The U.S. Embassy there is all but closed as a result.

Catherine Werner became so ill, her mother traveled from the U.S. to live with her.

Catherine Werner: She spent almost three months with me. During that time she also got very ill. Um, and she and I shared the same symptoms.

Scott Pelley: What sort of symptoms did your mother have?

Catherine Werner: Headaches and um, ringing in our ears. Um, we also started to both um, have difficulty recalling words.

After reporting her experiences, Werner was medically evacuated to the U.S. for treatment. U.S. agencies are investigating, but Mark Lenzi has a theory.

Mark Lenzi: This was a directed standoff attack against my apartment.

Scott Pelley: It was a weapon?

Mark Lenzi: Oh, of course it was a weapon.

Scott Pelley: An energy weapon–

Mark Lenzi: Absolutely.

Scott Pelley: What sort of energy is this that we’re talking about?

Mark Lenzi: I believe it’s RF, radio frequency energy, in the microwave range.

A clue that supports that theory was revealed by the National Security Agency in 2014. This NSA statement describes such a weapon as a “high-powered microwave system weapon that may have the ability to weaken, intimidate, or kill an enemy over time without leaving evidence.” The statement goes on to say “…this weapon is designed to bathe a target’s living quarters in microwaves.” The NSA disclosed this in a worker’s compensation case filed by former NSA employee Mike Beck.

In her paper, scheduled to be published September 15 in Neural Computation, Golomb compared rates of described symptoms among diplomats with a published 2012 study of symptoms reported by people affected by electromagnetic radiation in Japan. By and large, she said the cited symptoms — headache, cognitive problems, sleep issues, irritability, nervousness or anxiety, dizziness and tinnitus (ringing in the ears) — occurred at strikingly similar rates.

Some diplomats reported hearing loss. That symptom was not assessed in both studies so rates could not be compared, but Golomb said it is widely reported in both conditions. She also noted that previous brain imaging research in persons affected by RF/ EMR “showed evidence of traumatic brain injury, paralleling reports in diplomats.”

 

Posted in Uncategorized | Tagged , , , , , , | Leave a comment

Monica Witt Iran Spy

Ms. Witt was born in El Paso 8 April 1979 .  Her family moved to Florida when she was quite young.

She enlisted in the Air Force and entered active duty about eight months after her 18th birthday, in 1997, just after the death of her mother. Slender, with straight brown hair, she was quickly assigned to the crew of an RC-135 spy plane — a jet packed with reconnaissance equipment.  She served as an airborne crypto linguist and later became a special agent with the Air Force Office of Special Investigations.

She first deployed to the Middle East in 2002, when she was sent to Saudi Arabia.

Eventually Witt was drawn into the all-consuming “war on terror”, posted to Thumrait air base in Oman and Irbil in Iraq, according to a posting on an Iraq veterans’ website. The experience seems to have been the key to her disillusion.

Other missions followed: to Diego Garcia, a British atoll in the Indian Ocean of immense strategic value to Western militaries, and to Greece. In 2005, she served an almost six-month deployment to Iraq at a time of growing sectarian violence and insurgent attacks. The next year, she began a roughly seven-month tour in Qatar.

She last served with the 2nd Field Investigations Squadron, Joint Base Andrews in Maryland, the Air Force said in the Military Times story. A spokesperson for the US Air Force told the BBC she was discharged in June 2008 with the rank of Technical Sergeant

In June 2008, she earned a bachelor’s degree from the University of Maryland University College, and later worked for two national security contractors. Eventually, she entered graduate school at George Washington, an academic proving ground for aspiring diplomats and researchers near the State Department’s headquarters.

“After viewing so much corruption and the damage we were doing both to Iraq/Afghanistan and to the perception of the US, I decided I needed to do as much as I could to help rectify the situation.”

However, after leaving the air force she stayed in the defence industry. She worked for five months as an intelligence analyst for the contractor Booz Allen Hamilton and then more than two years at another Virginia-based contractor, Chenega Federal Systems, where she said on her resume that she had “supervised, controlled, and coordinated the execution of highly sensitive counterintelligence operations against foreign intelligence services worldwide”.

George Washington University’s International Affairs Review published two articles by Ms Witt in 2012. She criticised the US for calling on Iran’s neighbours to sever relations with Tehran. “In enacting a policy of severe sanctions against Iran, the US should address the potential affects (sic) on other countries and not inadvertently alienate friends by making them choose between Iran and the US” wrote Ms Witt.

According to her online CV, she lived and worked within countries including Iraq, Qatar, Jordan, Turkey, the UAE, Tajikistan and Iran.

Stone.More than a year before she allegedly defected, U.S. Air Force counterintelligence officer Monica Witt attended a film conference in Iran – an event that U.S. officials and former intelligence officers said was likely a recruiting ground for Iranian spy masters.

“It’s an intelligence targeting platform for the Iranian security apparatus,” former longtime CIA case officer Darrell M. Blocker said of such conferences. “It’s not sold as an intel thing, but of course the [U.S.] intelligence community is aware of them.”

An indictment unsealed against Witt Wednesday alleges that in February 2012 she traveled to Iran for a conference called “Hollywoodism” put on by an organization known as New Horizon. On its website, the organization bills itself as a Tehran-based non-governmental organization (NGO) that hosts conferences that cover topics including “Iranophobia,” “Zionist Lobby” and “US State hostility towards Afro-Americans.”

Witt converted to Islam in a televised ceremony in 2012 on her first trip to Tehran, at the same time as a more high-profile convert, Sean Stone, the son of US film director Oliver

Witt’s change in allegiance became clearer after a series of contacts with an unnamed Iranian from 2012 to 2013, investigators said. Witt allegedly provided her personal biography and job history and, before taking a flight from Dubai to Tehran, emailed her contact, “I’m signing off and heading out! Coming home,” closing with a smile emoji.

Ms. Witt defected in 2013 and became a spy for the Iranian security service. It was the climax of a radicalization that was rooted in Ms. Witt’s military service and that accelerated while she was in graduate school. The F.B.I., around the time Ms. Witt earned her graduate degree, alerted her that Iran’s intelligence service had its eye on her.

She told an Iranian contact that she was “endeavoring to put the training I received to good use instead of evil,” according to prosecutors.

In the weeks after defecting, she also conducted several Facebook searches of her former colleagues, and is alleged to have exposed one agent’s true identity, “thereby risking the life of this individual”.

Former intelligence officials familiar with the case described the damage to national security as severe, in part because she is suspected of revealing the names of double agents run by the United States, and the American authorities have struggled to conclude exactly why she turned on her country.

 

 

 

 

 

 

Posted in Uncategorized | Tagged , , , , | Leave a comment

Jude Shao 1998

“Jude is a very honest person, and he was very clever when he was a boy. He had a strong sense of self-confidence, and he became very ambitious,” said Shao’s older sister, Jingli Shao, 48, an eye doctor who coordinates his legal defense campaign. As a teenager, she raised Shao when their parents and two older brothers were banished to the countryside during the chaos of the Cultural Revolution in the early 1970s.

The fraternal bonds run deep, especially after their father died in June 2002 at the age of 72. “If Jude is released I hope he can travel between the U.S. and China,” said Jingli Shao. “He’s a U.S. citizen, but his home and family are in Shanghai.”

Asked about his father in his jailhouse interview, Shao’s voice cracked. “That’s the background that shaped my attitude about many things,” he said.

Shao fought bitterly with prison officials for the privilege to wear plain clothes, not prison garb, when he made a deathbed visit—in irons—shortly before his father died, said cellmate Ohmert.

After becoming an American citizen in 1997, Shao was imprisoned in China’s Qing Pu Prison on tax fraud charges from 1998 to 2008.

Shao, 54, came to the United States in 1986 to study educational technology at Rhode Island College. He later earned a master’s degree at Stanford and began splitting his time between San Francisco and Shanghai, where he ran a company exporting U.S. medical imaging equipment to China. He became a naturalized U.S. citizen in 1997.

He was among the first class of expatriates to try their hand at business in China, as the country’s economy began to take off after years of strict central control. His business grew quickly until Shanghai officials came knocking at his door. Shao told tax auditors they could see the books, but after that he locked the door and refused to cooperate or pay a $50,000 bribe, he says.

His refusal, he says, landed him in more trouble with the authorities. They accused him of tax evasion and detained him at the Shanghai airport when he arrived on a flight from the United States.

Shao’s staff called the U.S. Consulate when he didn’t show up to work.

“Because I’m not white, I’m Chinese just like them, they didn’t know they were holding an American citizen,” Shao said. “By that time it was too late. They were playing hardball.”

Shao, 45, had about five years left on a 16-year sentence for tax evasion and fraud — allegations that his supporters say were false.

For years, Shao’s former classmates from the Stanford Graduate School of Business led a campaign seeking his freedom, and many members of Congress and the Bush administration pressed the Chinese government to release him.

Under China’s legal system, Shao had been eligible for parole since 2006 but had been denied, with no public explanation given. But Wednesday — a day after U.S. Secretary of State Condoleezza Rice concluded a visit to Beijing during which human rights were discussed — Shao walked out of Qingpu Prison, on the outskirts of Shanghai.

Shao’s release came a day after Secretary of State Condoleezza Rice concluded her visit to Beijing, and the LA Times reports several China specialists who noted, with the Olympics next month, Beijing was eager to buff up its image, which recently had been tarnished by deadly riots in Tibet and other incidents in which Chinese lawyers, journalists and human rights activists had been silenced.

OThers detained

XIE (CHARLIE) CHUNREN, 56
HOME: Somerset, N.J.
ARRESTED: May 2005
STATUS: Released September 2005

Quit computer job to found natural products exporter. Sold $3 million of U.S.-made vitamins and supplements to China.Arrested at Chengdu airport on suspicion of spying for Taiwan, despite having no business or political ties there. Claims he was interrogated over three months, sometimes for 12 hours a day. Released after pressure from State Department, but he lost most Chinese contracts due to press accounts of alleged spying.

FONG FUMING, 70
HOME: West Orange, N.J.
ARRESTED: February 2001
STATUS: Released October 2003

Worked as a consultant for foreign power companies in China. Arrested on business trip to Beijing, accused of paying $245,000 in bribes for secret documents. Disputed charges and claimed he was extorted by a local official. Held 20 months without a trial, according to Human Rights Watch. Eventually sentenced to fiveyears in prison. Released three and a half years early after exhibiting “repentant behavior.”

Posted in Uncategorized | Tagged , , , | Leave a comment