Advanced Sonic Devices

A group of American diplomats in Havana, Cuba have suffered severe and unexplained hearing loss over the past year, which U.S. officials believe was caused by a covert and advanced sonic device.
The severity of some of the diplomats’ symptoms has forced them to cancel their Cuba tours early and return to the U.S. for treatment, the Associated Press reports.
But what exactly is a sonic device, how common are they, and how much damage can they actually cause? Here’s what to know.
What weapons was used to hurt diplomats in Cuba?
State Department spokeswoman Heather Nauert said the government does not “have any definitive answers about the source” of the attack. It is continuing to investigate what may have caused the diplomats’ injuries.
However, U.S. officials who spoke anonymously to the AP said that the hearing loss was caused by a device deployed either inside or near the diplomats’ residences. The devices emitted a sound that was not audible to human ears, they added. That would indicate it was most likely an infrasonic or ultrasonic weapon.

The Canadian government said Thursday that at least one Canadian diplomat in Cuba also has been treated for hearing loss following disclosures that a group of American diplomats in Havana suffered severe hearing loss that U.S. officials believe was caused by an advanced sonic device.

Global Affairs Canada spokeswoman Brianne Maxwell said Canadian officials “are aware of unusual symptoms affecting Canadian and US diplomatic personnel and their families in Havana. The government is actively working — including with U.S. and Cuban authorities – to ascertain the cause.”

Basically, these diplomats came under acoustic attack in the form of a dog-whistle-style sound, unheard by humans. The sound-making devices were placed either inside or just outside the embassy employees’ homes.

 

Advertisements
Posted in Uncategorized | Tagged , , , , , , , | Leave a comment

Black Death, dark web

Italian police confirmed they’re looking for at least one other man following the arrest of Polish-born Brit Lukasz Herba, one of the alleged masterminds behind Chloe Ayling’s dramatic abduction.

Miss Ayling told Italian police that her agent had booked her a photo shoot in Milan on July 11.

Ayling, 20, but instead was drugged and kidnapped for six days.

42FBA30C00000578-4763334-She_was_drugged_with_ketamine_and_kept_in_an_abandoned_office_pi-a-29_1501938209520

She said Herba, 30 — a member of a shady underground syndicate called “Black Death” — told her she was going to be auctioned off on the dark web.

 

black death ransom

Cops detained the British-based Pole in Milan and found a Black Death leaflet – which features black plague doctors from the 1300s – alongside a note to the victim explaining why she was being released.

The note called her kidnapping a “mistake” because she was a mother of a two-year-old and said “our main and very well respected men” argued for her release.

The woman told police she was attacked by two men who reportedly demanded £270,000 in Bitcoins to free her – a fee which was later negotiated down to £50,000 by the terrified model’s agent.

The unidentified 20-year-old woman, who traveled to Milan for what she thought was a photo shoot, was released because she is a mother — making her undesirable to human traffickers, according to reports.

Herba was arrested July 18 after his auction plan went awry, as he was taking Ayling to the British consulate in Milan. He appeared in court last Friday, when detectives sought to keep him incarcerated as they continue to investigate his claimed affiliation with a notorious trafficking ring called the Black Death Group that Interpol investigated in 2015.

Italian prosecutors are working to figure out whether the threat of the online auction was used as an extortion attempt for $300,000 in ransom money for Ayling’s return. They’re also trying to determine whether the Black Death group actually exists.

Herba also reportedly told Ayling that he had made €15 million ($17.7 million) sex-trafficking kidnapped women and selling them via the deep web on the Black Death Group website, which its developers move frequently and which can only be found and accessed through a special encrypted invitation with a URL.

The Black Death, which is believed to operate in Eastern Europe, dates back to 1994 and is said to offer services including “assassinations, bombings and arms dealing.”

The Sunday Mirror has uncovered the British model’s Dark Web “advert” which features a disturbing image of her dressed in just a velvet body suit, looking dazed and lying on the floor with her left breast exposed.

Her captors had even placed a calling card on her stomach.

The ad by Black Death Group – which refers to victims as “merchandise” – also features a series of horrifying promises about the women they traffic and a list of the woman’s personal details – including her dimensions.

Black Death – which operates using the Bitcoin currency – boast they can “kidnap a specific target for your needs” and assure free “EU delivery” of victims.

The dark web is a section of the internet where people can contact one another anonymously and without fear of being monitored.

Google doesn’t work and where passwords are replaced by encrypted invitations. It can only be accessed through anonymizer browsers like Tor Project, which hide IP addresses so web surfers with malicious intent cannot be traced. It is known as the deep web or darknet: a place where college students buy hard drugs to be delivered to their dorms, where arms are sold to terrorists, and where street children are sold for snuff films.

Because of this many criminals use it to sell illegal drugs, chemicals, weapons, child porn and even offer assassination services. Silk Road – the most notorious dark net online market – was closed down by the FBI in 2013.

Its founder Ross Ulbricht was convicted of seven charges including drug trafficking, criminal enterprise, aiding and abetting the distribution of drugs over the internet, computer hacking and money laundering. He was sentenced to life.

one post from the internets

Human trafficking is an oft-quoted myth of the dark web, but one that is rarely backed up with evidence. For a brief few moments, I managed to grab the attention of someone who actually claimed to be selling people on this part of the internet—whether they really were or not.

“We don’t invite strangers to auctions,” Black Death told me in one email. “We don’t want popularity. No Europol. No people just looking around. No journalists or bloggers.”

“Just serious business.

Posted in Uncategorized | Tagged , , , , | Leave a comment

Honeypot Trap on Social media.

Mia Ash is young, attractive and popular, with hundreds of social media connections.

She shares your favourite hobbies, so when she adds you, you’re flattered and a little bit excited.

After exchanging messages on LinkedIn, you’re happy to continue the conversation on Facebook and WhatsApp.

Mia Ash is a fake profile containing stolen images used by foreign hackers to lure unsuspecting men with access to sensitive data.
Mia Ash is a fake profile containing stolen images used by foreign hackers to lure unsuspecting men with access to sensitive data.

MIA ASH IS a 30-year-old British woman with two art school degrees, a successful career as a photographer, and plenty of friends—more than 500 on Facebook, and just as many on LinkedIn. A disproportionate number of those friends happen to be Middle Eastern men, and when she posts coy selfies to Facebook, they shower her with likes. Her intriguing relationship status: “It’s complicated.” No kidding.

Mia Ash doesn’t exist

You’ve been communicating with a mirage, and you’re about to fall into the hands of a team of hackers believed to be acting on behalf of a hostile foreign government.

Online “honey pot” attackers like Mia Ash represent a new front in a global espionage, with hackers targeting strategically important companies through their weakest line of defence: their hapless employees.

That’s according to cyber security expert Allison Wikoff from SecureWorks, whose counter threat unit has been fighting what has been dubbed the Cobalt Gypsy spy campaign.

Mia Ash is a sophisticated fake persona that the unit has identified as an agent of a hacker group called Cobalt Gypsy aka OilRig, which is understood to be backed by the Iranian Government.

With highly detailed social media profiles portraying her as a young English photographer, the group used real images believed to be stolen from an innocent woman in Romania.

Look out for stock images and watermarked (stolen) photographs used to create social media profiles.

The scam targeted mid-level staff at Middle Eastern telecommunication, technology, aerospace and oil and gas companies with access to sensitive parts of their company’s IT operations.

Mia Ash introduced herself as a wedding and portrait photographer reaching out to people around the world, saying she wanted to “learn more about your country”.

One worker fell for Mia Ash’s charm, striking up a friendship that lasted several weeks before the true nature of the situation was revealed when the hackers sent him a malware-infected email disguised as a “photography survey”.

The man, an amateur photographer who connected with the young woman believing they had a shared interest, unsuspectingly opened the attachment.

Ms Wikoff said the aim was to steal login IDs and passwords when the document, once opened, would unleash a type of malware called PupyRAT, giving the hackers access to the organisation’s computer systems.

“They’re really interested in information that aligns with the Iranian government’s objectives,” she told news.com.au.

A Phish Called Mia

In February, as SecureWorks helped a Middle Eastern company diagnose an attempted spyware infection, the security analysts found that one of that company’s employees had been communicating with the Ash persona for more than a month. The conversation had begun on LinkedIn, where Ash had approached the staffer with questions about photography. The discussion had moved to Facebook, and the scope broadened to work, photography, and travel.

Eventually, Ash sent the staffer an email with a Microsoft Excel attachment for a photography survey. She asked him to open it on his office network, telling him that it would work best there. After a month of trust-building conversation, he did as he was told. The attachment promptly launched a malicious macro on his computer and attempted to install a piece of malware known as PupyRAT, though the company’s malware defenses prevented the installation.

After digging further into Mia Ash, SecureWorks found that hackers have cultivated the persona as a lure for staffers at target companies for over a year, with the endgame of infecting computers with spyware, and getting an initial foothold into a victim company’s network.

Social engineering, or using human lies and pretenses as a means to lull victims into security slip-ups, is a well-worn page of the hacker playbook. But rarely do hacker groups go to the trouble of building such a long-running, fleshed out persona as Mia Ash, says Allison Wikoff, one of the SecureWorks researchers who led the analysis, which SecureWorks presented at the Black Hat security conference. She points to Ash’s well-populated Facebook, LinkedIn, Blogger, and WhatsApp accounts, as well as two email addresses, as evidence of the hackers’ persistence and planning. “This is one of the most well-built fake personas I’ve seen,” says Wikoff. “It definitely worked, and worked for well over a year.”

Fake Friend

Examining Ash’s friends on Facebook and Linkedin, SecureWorks found she had two distinct sets. First, she seems to have befriended prominent photographers to bolster her profile as a bona fide shutterbug. The second group comprised men aged 20 to 40, mostly in Middle Eastern and Asian countries including Saudi Arabia, Iraq, Iran, and Israel, as well as some Americans, who worked as mid-level technicians, software developers, and administrators at tech, oil and gas, aerospace, consulting, and healthcare companies.

Examining the would-be target list in Ash’s friend group, SecureWorks linked her with a hacker group known as OilRig or Cobalt Gypsy, widely believed to be working for the Iranian government in a widespread cyberespionage campaign. (According to at least one analysis from McAfee, that group also collaborated on a more destructive campaign to plant data-destroying Shamoon malware on the networks of more than a dozen Saudi Arabian targets, and SecureWorks’ analysis of the group’s methods also matches a description of Shamoon-planting hackers tracked by IBM.)

In late 2016, SecureWorks spotted that group launching a broad phishing campaign that used PupyRat as well. A month later, Mia Ash kicked into action at the company SecureWorks aided. Wikoff suggests that means the Ash persona may be used as a secondary tactic: If a specific company’s staff doesn’t fall for more traditional phishing emails, a persona like Ash approaches a specific target there, initiating a professional conversation over LinkedIn, and then building trust via Facebook or WhatsApp before sending the victim a malware payload via email. Based on the time put into the Ash persona, she believes it was likely used repeatedly against the Iranian hackers’ targets. “This is probably a well-oiled machine,” Wikoff says.

Ash to Ashes

After well over a year online, Ash’s LinkedIn profile mysteriously disappeared earlier this month. SecureWorks alerted Facebook to the persona, and the company removed her profile there, too.

SecureWorks also identified the real-life woman whose photos hackers used to assemble Mia Ash’s profiles. But when WIRED reached out to her she declined to speak on the record, and asked not to be identified. Wikoff points to her case as an example of how publicly posting personal photos can have unexpected, creepy consequences. “If you don’t lock down your social media accounts, they can be used in ways that might not directly harm you, but are nonetheless nefarious,” Wikoff says.

But Mia Ash offers a more serious lesson to possible victims of state-sponsored hackers, Wikoff says: Digital honey traps can be highly sophisticated, with personas that appear to have long histories and convincing personalities. And that attractive new Facebook friend may not actually be into your vacation photos.

Posted in Uncategorized | Tagged , , , , , , , , | Leave a comment

What’s Up with Poland

Outrage over plans by Poland’s governing party to put the judicial system under its political control sparked another day of nationwide protests Saturday, with some people gathering outside the home of ruling party leader Jaroslaw Kaczynski and accusing him of being a dictator.

Polish democracy icon and former President Lech Walesa addressed a protest in Gdansk, urging young Poles to fight to preserve the separation of powers that his Solidarity movement helped to achieve more than a quarter century ago when Poland threw off communist rule.

Poland’s Senate approved the measure early Saturday, capping days of debate and demonstrations. The lower house of Parliament gave its approval earlier this week.

“Mass protests in Poland in recent days failed to change the minds of the ruling Law and Justice Party,” NPR’s Soraya Sarhaddi Nelson reports from Berlin. “Its leaders say the measure — which among other things, ousts the current Supreme Court judges — is aimed at reforming the judicial system and to ensure any vestiges of communism are purged.”

The new law would allow Duda to choose who gets to stay on the court and to name new judges to replace anyone he wants to remove.

The EU is on the brink of taking the nuclear option of stripping Poland of its voting rights in Brussels in response to plans by its rightwing government to “abolish” the independence of the country’s judiciary.

Frans Timmermans, the first vice-president of the European commission, accused Warsaw of seeking to put judges under full political control as he warned that the EU was “very close” to triggering article 7, a never-before-used sanction in the treaties that allows a member state’s voting rights in the council of ministers to be suspended.

 

Posted in Uncategorized | Tagged , | Leave a comment

Three SBU Deaths in Ukraine

 

28 June 2017 Colonel Yuriy Vozny,   of the Security Service of Ukraine (SBU) has been killed in a mine blast in Donbas

Photo published for SBU colonel killed in car blast in Donbas, three more injured (Photo)

The SBU said that Vozny is the 23rd officer in the security service to have been killed since fighting began in eastern Ukraine in 2014.

27 June 2017 Colonel Maksym Shapoval was killed in blast in Kiev.

He was head of Intelligence Reserve of Ukraine’s Defense Ministry and Special Forces Ops officer.

 

31 March 2017 #Ukraine SBU Colonel Oleksandr Kharaberyush officer killed in Mariupol.

He was the deputy head of counterintelligence of the Security Service of Ukraine (SBU)

Photo published for В Мариуполе взорвали полковника СБУ, пытавшего ополченцев

The explosion occurred at the junction of Metalurhiv Avenue and Kafaiska Street in the central district of Mariupol at 8:35 a.m., the Donetsk regional police’s liaison department said.

Kharaberiush himself, who served as deputy head of the main counterintelligence department of the Donetsk SBU Directorate, died on the spot.

Some believe he was  known in Donbass for his torturing of civilians

Givi and Motorola were killed in 2016. Now Ukraine SBU officers are getting killed.

This means someone is giving information from the inside the SBU.

Who benefits from Three Colonels dying?

The Majors.

Posted in Uncategorized | Tagged , , , , , , , | Leave a comment

Eastern Europe Russia War Scenarios

Three Scenarios worth discussion.

  1. The people of Kharkiv strongly resisted the separatist scenario in 2014-2015. Demonstrations for Ukraine were consistently well-attended, despite the obvious threat of violence. A university city, the fragmented nature of Kharkiv is quite distinct from the unitary, proletarian nature of rebel-held Donbass. Kharkiv seems to have come to the consensus that the city’s newfound stability is all thanks to MAyor Kernes. Now that Lugansk and Donbass are stable, the city is prime for another attempt. Kharkiv has built a wall, but its people just want the war to end. The assassinations in Russia are on the rise. The Mayor stopped the separatists, but would the engine of the city stop if he was killed? This event would happen and the separatists would have better odds. This would plunge Ukraine in chaos. NATO would not intervene.  This would have to happen this year or the freedom to travel the EU would make it harder to want to rejoin the Soviet Union. Kharkiv residence that were able to travel visa free are enjoying it. The romance with EU and the West will continue like Romania in the 1990s. Russia can see the days when missiles defenses are on its border, manned by Russian speaker Ukrainian soldiers. That is the fear that is not acceptable to the Rodihna.
  2. Belarus. The conflict between Russia and NATO probably will begin with Belarus.  Belarusian leader Alexander Lukashenko does not need or want Russian military bases on its territory.. He recently allowed five day visa free travel from the EU and USA. This has triggered an underground pro-west feeling among many Bellorussians. Life is too hard there and foreign cash and tourists are welcome.Russia may decide to launch a coup, overthrowing or assassinating Alexander Lukashenko and replacing him with a fully controlled and loyal secret service general. The new leader of Belarus then officially invites Russian troops into Belarus. After this the Kremlin begins to generate hybrid threats to the Baltic countries and Poland. NATO then decides to activate Article 5 and sends High Readiness Forces to protect these states. The Kremlin interprets this step as a declaration of war and responds with a large-scale offensive operation against the Baltic states and Poland.
  3. Poland. The world watched the 1968 invasion of Czechoslovakia.  This is in the NATO mind for Poland. NATO initiating a conflict is a politically palatable cover for  an offensive plan into Poland. Yesterday, a USA recon place was within five feet of a Soviet Fighter. At what point does NATO shoot down a fighter in open air space>? What would Moscow response be? NATO resistance would be overrun quickly in the absence of a larger mechanized defensive force posture. Also like Ukraine, Estonia and Latvia are home to sizable ethnic Russian populations that have been at best unevenly integrated into the two countries’ post-independence political and social mainstreams and that give Russia a self-justification for meddling in Estonian and Latvian affairs. Even though the USA is part of NATO, would the current administration participate if Poland scenario of war developed?

 

 

Posted in Uncategorized | Tagged , , , , , , , , , | Leave a comment

The Dark Hackers

Today was a summit of the best minds in the computer world.

The hackers who hacked google and others are increasing their appetite for money.

They well funded and have support in equipment and hosting.

They hit targets for money.

They learn from the idiots at anonymous

No brags.

Ransom, steal, trick into getting into accounts.

They are keeping politics out of it.

Only money.

The current windows 10 is causing nonstop problems for business and customers

But the hackers spend lavishly.

That is the weakness.

When using the Tool Eternal Blue. One must have been trained by a person familiar with it.

More than 45,000 attacks have been recorded in as many as 74 countries, including Russia, Turkey, Vietnam, the Philippines and Japan, according to Kaspersky Labs, a Russian cybersecurity firm

The Russian Interior Ministry confirmed in a statement that 1,000 of its computers had also been hit.

The ransomware encrypted data on the computers, demanding payments of $300 to $600 to restore access. Security researchers said they observed some victims paying via the digital currency bitcoin, though they did not know what percent had given in to the extortionists.

A tool known as Eternal Blue developed by US spies was used by the hackers to supercharge an existing form of criminal malware, three senior cyber security analysts said, leading to one of the fastest-spreading and potentially damaging cyber attacks seen to date. Their analysis was confirmed by western security officials who were scrambling to contain an attack that initially hit hospitals and doctors’ practices across the UK. The same or similar virus was used in a large-scale attack in Spain that hit Telefónica, the country’s main telecoms provider.
An “accidental hero” has halted the global spread of the WannaCry ransomware that has wreaked havoc on organizations including the UK’s National Health Service (NHS), FedEx and Telefonica.
Massive ransomware cyber-attack hits nearly 100 countries around the world
Read more
A cybersecurity researcher tweeting as @malwaretechblog, with the help of Darien Huss from security firm Proofpoint, found and implemented a “kill switch” in the malicious software that was based on a cyber-weapon stolen from the NSA.
The kill switch was hardcoded into the malware in case the creator wanted to stop it from spreading. This involved a very long nonsensical domain name that the malware makes a request to – just as if it was looking up any website – and if the request comes back and shows that the domain is live, the kill switch takes effect and the malware stops spreading.

Friday’s massive international cyberattack may give you the best reason of all to hit “update” when prompted.Reports suggest that the vulnerability exploited by the worm responsible for the attack is the same one revealed in April by the hacker group known as the Shadow Brokers. The Shadow Brokers alleged that the U.S. National Security Agency had used weaknesses in Windows as part of its digital surveillance efforts.

 

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , | Leave a comment