• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

FBI: Lisa Page Dimes Out Top FBI Officials During Classified House Testimony; Bureau Bosses Covered Up Evidence China Hacked Hillary

Dev1lXYZ

Member
The embattled Lisa Page tossed James Comey, Andrew McCabe, Peter Strzok and Bill Priestap among others under the Congressional bus, alleging the upper echelon of the FBI concealed intelligence confirming Chinese state-backed ‘assets’ had illegally acquired former Secretary of State Hillary Clinton’s 30,000+ “missing” emails.

The Russians didn’t do it. The Chinese did, according to well-placed FBI sources.

And while Democratic lawmakers and the mainstream media prop up Russia as America’s boogeyman, it was the ironically Chinese who acquired Hillary’s treasure trove of classified and top secret intelligence from her home-brewed private server.
And a public revelation of that magnitude — publicizing that a communist world power intercepted Hillary’s sensitive and top secret emails — would have derailed Hillary Clinton’s presidential hopes. Overnight. But it didn’t simply because it was concealed.
FBI bosses knew of the breach yet did nothing to investigate, seemingly trying to run out the clock on the alarming revelations to protect Hillary during her heated presidential campaign with Trump. So instead of investigating the hacking of Clinton’s server, FBI bosses sat quietly.

And did nothing to confirm the Chinese assets were linked to their government. Or assess the damage such a tremendous breach posed to national security. Did the Chinese government access Hillary’s emails? The FBI didn’t care enough to investigate at the risk of besmirching Clinton and further soiling her during the election.

Hundreds of top secret documents and even the president’s daily travel and security itineraries were on that server — and intercepted by a communist country — yet the FBI sat on the evidence. Likewise, all of Clinton’s and her inner circle’s outgoing emails were compromised as well, sources confirmed.

Even the Inspector General had tipped off the FBI — specifically Strzok — about the foreign breach. Still, no timely case was pursued.
That same cover-up pattern fits FBI bosses who time after time stalled and concealed other criminal intelligence on Clinton in the weeks prior to the election.

https://truepundit.com/fbi-lisa-pag...ence-china-hacked-hillarys-top-secret-emails/


Can we say ‘Dasvidaniya’ to the Russia narrative and ‘Ne Hao’ to the Chinese one?

PfZ7dZ8.jpg
 
Last edited:

Papa

Banned
One thing I cannot understand is why Comey put out that letter that was detrimental to Clinton right before the election. That’s the one thing in this whole mess that sticks out like a sore thumb. Everything else he did seemed to favour Clinton except for that.
 

Arkage

Banned
Haha trustworthy website there

This dude is basically just shitting up OT with conspiracy websites. He already showed me the one where they prove that Obama had gay sex while doing cocaine. Or was it the one where the entire US intelligence agency is conspiring against Russia by faking digital signatures. I forget, there are so many.
 

TheMikado

Banned
The embattled Lisa Page tossed James Comey, Andrew McCabe, Peter Strzok and Bill Priestap among others under the Congressional bus, alleging the upper echelon of the FBI concealed intelligence confirming Chinese state-backed ‘assets’ had illegally acquired former Secretary of State Hillary Clinton’s 30,000+ “missing” emails.

The Russians didn’t do it. The Chinese did, according to well-placed FBI sources.

And while Democratic lawmakers and the mainstream media prop up Russia as America’s boogeyman, it was the ironically Chinese who acquired Hillary’s treasure trove of classified and top secret intelligence from her home-brewed private server.
And a public revelation of that magnitude — publicizing that a communist world power intercepted Hillary’s sensitive and top secret emails — would have derailed Hillary Clinton’s presidential hopes. Overnight. But it didn’t simply because it was concealed.
FBI bosses knew of the breach yet did nothing to investigate, seemingly trying to run out the clock on the alarming revelations to protect Hillary during her heated presidential campaign with Trump. So instead of investigating the hacking of Clinton’s server, FBI bosses sat quietly.

And did nothing to confirm the Chinese assets were linked to their government. Or assess the damage such a tremendous breach posed to national security. Did the Chinese government access Hillary’s emails? The FBI didn’t care enough to investigate at the risk of besmirching Clinton and further soiling her during the election.

Hundreds of top secret documents and even the president’s daily travel and security itineraries were on that server — and intercepted by a communist country — yet the FBI sat on the evidence. Likewise, all of Clinton’s and her inner circle’s outgoing emails were compromised as well, sources confirmed.

Even the Inspector General had tipped off the FBI — specifically Strzok — about the foreign breach. Still, no timely case was pursued.
That same cover-up pattern fits FBI bosses who time after time stalled and concealed other criminal intelligence on Clinton in the weeks prior to the election.

https://truepundit.com/fbi-lisa-pag...ence-china-hacked-hillarys-top-secret-emails/


Can we say ‘Dasvidaniya’ to the Russia narrative and ‘Ne Hao’ to the Chinese one?

PfZ7dZ8.jpg

I’m not sure if you’re American and English is a second language, or simply an reading comprehension issue.

China could have hacked Hillary’s emails for all we know but that is a SEPERATE issue than the DNC hack.

Because one happened doesn’t mean the other didn’t. This is just pitiful at this point.
 

mr2xxx

Banned
Wrap it up folks, TruePundit to the rescue! Also Trump would of blamed the Chinese instead of looking like Putin's lil bitch this week.
 
Transcripts please.

Cause:

Is anyone going to go to prison for politicizing the FBI and covering up countless crimes committed by FBI personnel in a variety of coordinated schemes to protect Hillary and the Democrats?


lol

true pundit
 
Last edited:

Chiggs

Gold Member
Trying to figure out if I like the phrase “the Embattled Lisa Page” more than I love “Our beleaguered Attorney General.”
 

eclipze

Member
Is Neogaf now allowing conspiracy websites, such as true pundit, as legitimate news sources? Asking for a friend.
 

Barsinister

Banned
Would we be of better use to him if we just ignored his thread and let the thing sink off the page? He will get the message without the humiliation, I think.
 
One thing I cannot understand is why Comey put out that letter that was detrimental to Clinton right before the election. That’s the one thing in this whole mess that sticks out like a sore thumb. Everything else he did seemed to favour Clinton except for that.

That event allowed the FBI to take over Weiners laptop, stopping the NYPD from revealing what's on it. Either Comey was working against Hillary or there was something on the laptop that was more important than the election.
 
Last edited:

Papa

Banned
That event allowed the FBI to take over Weiners laptop, stopping the NYPD from revealing what's on it. Either Comey was working against Hillary or there was something on the laptop that was more important than the election.

Interesting...

I mean, the guy was convicted for soliciting sex from a minor. I would be surprised if there wasn’t something sus on the laptop.
 
S

SLoWMoTIoN

Unconfirmed Member
Is Neogaf now allowing conspiracy websites, such as true pundit, as legitimate news sources? Asking for a friend.
Are we a serious political website or a video gaming one?
 

Dev1lXYZ

Member
Are we a serious political website or a video gaming one?

The Off Topic Forum can be about really any subject that one wants to discuss. Start up a thread man! 😎

On this particular subject, I wanted to explore how the media in the present day pretty much write things up and post them for clicks. The mainstream media like CNN, MSNBC, and Fox News do it all the time. True Pundit is just as credible as the rest of the mainstream.
 
While the heavy-handed political moderation became too much at times, one thing I miss about OldGAF curation was the almost zero tolerance for crackpot conspiracy theories. I don't see why there can't be some level of quality control - OldGAF had no issues banning news sites that were hyperpartisan even when they were left-leaning (e.g., shareblue).

I mean sure, it's a video game forum so whatever, but I don't really see what I gain by having off-topic look like a shitty tabloid from a grocery store.
 

Dev1lXYZ

Member
While the heavy-handed political moderation became too much at times, one thing I miss about OldGAF curation was the almost zero tolerance for crackpot conspiracy theories. I don't see why there can't be some level of quality control - OldGAF had no issues banning news sites that were hyperpartisan even when they were left-leaning (e.g., shareblue).

I mean sure, it's a video game forum so whatever, but I don't really see what I gain by having off-topic look like a shitty tabloid from a grocery store.


Who is to be the judge of that a crackpot conspiracy theory is? The sources cited are just as good as any sources from hundreds of articles published by the mainstream media.
If you see a thread you don't like....JUST DONT CLICK ON IT. Just like the grocery store just walk your little self by.
 
Commenting on the quality of a post is fair game. I don't really buy the idea that threads can only be 1) ignored or 2) taken extremely seriously with serious replies only. You'll need to direct me to where a moderator indicated this, otherwise pointing out that some shitty right-wing gossip website is probably low quality journalism is entirely fair.

I mean - it goes both ways? If someone saying 'I am unconvinced an article asking for Trump campaign donations is likely to be sincerely sourced and researched' really bothers you, you're perfectly welcome to take your own advice and ignore the criticism.
 
Last edited:

Barsinister

Banned
That is not what was happening, though. Dev1lXYZ Dev1lXYZ was being openly mocked and made to feel small. It lowers the quality of the place. I noticed it last night and chimed in because I didn't like it.
 

eclipze

Member
That is not what was happening, though. Dev1lXYZ Dev1lXYZ was being openly mocked and made to feel small. It lowers the quality of the place. I noticed it last night and chimed in because I didn't like it.

I agree, everyone should also stop mocking flat-earthers as well.
#StopDeplatformingConspiracyTheorists
#ConspiracyTheoristsLivesMatter
 

Dev1lXYZ

Member
I’m not sure if you’re American and English is a second language, or simply an reading comprehension issue.

China could have hacked Hillary’s emails for all we know but that is a SEPERATE issue than the DNC hack.

Because one happened doesn’t mean the other didn’t. This is just pitiful at this point.


The issue here is that Hillary and the DNC both didn't have proper security protocols in place to prevent any sort of malicious attacks toward their servers. If they had followed the security protocols that had been recommended, like the RNC did, things would be a whole lot different.

To save face this while wild goose chase farce was concocted by the DNC and their agents.
 
Last edited:

NickFire

Member
I've never heard of this source, and will need to see something I find more credible before I could ever give serious thought to such a scandalous allegation.
 

Panda1

Banned
the DNC hack.

You muppet - there is no hack - the DNC server was a LEAK basically confirmed by wikileaks who leaked it. But you are assuming 100% it has been hacked when no one has any evidence of hacking or the server being analysed or the mass deletion of data!!
 

BANGS

Banned
One thing I cannot understand is why Comey put out that letter that was detrimental to Clinton right before the election. That’s the one thing in this whole mess that sticks out like a sore thumb. Everything else he did seemed to favour Clinton except for that.
Comey isn't a politician, probably a few different parties pulling his strings...
 

Xiaoki

Member
One of the more ....embarrassing threads in a while.

Mainly, because I dont think this True Pundit website is trustworthy.

I think we should consult a more reputable source such as Godlike Productions.
 

TheMikado

Banned
The issue here is that Hillary and the DNC both didn't have proper security protocols in place to prevent any sort of malicious attacks toward their servers. If they had followed the security protocols that had been recommended, like the RNC did, things would be a whole lot different.

To save face this while wild goose chase farce was concocted by the DNC and their agents.

You muppet - there is no hack - the DNC server was a LEAK basically confirmed by wikileaks who leaked it. But you are assuming 100% it has been hacked when no one has any evidence of hacking or the server being analysed or the mass deletion of data!!

Man deniers at least get their story straight. I’m just going to assume Panda1 is a total stooge.

Anyway, yes the DNC is has have a terribly security track record for the past few decades. That’s nothing new.

But acting as if the information was stolen and disseminate legal is the height of absurdity. The information was taken and illegally circulated.

PERIOD.
This isn’t even debatable. If you don’t want to believe it is as the Russians when Trump himself has said he trusts our intelligence agencies on Russian meddling, then I don’t know what to tell you.
 

Dev1lXYZ

Member
Man deniers at least get their story straight. I’m just going to assume Panda1 is a total stooge.

Anyway, yes the DNC is has have a terribly security track record for the past few decades. That’s nothing new.

But acting as if the information was stolen and disseminate legal is the height of absurdity. The information was taken and illegally circulated.

PERIOD.
This isn’t even debatable. If you don’t want to believe it is as the Russians when Trump himself has said he trusts our intelligence agencies on Russian meddling, then I don’t know what to tell you.


Didn't Seth Rich- a Bernie Sanders supporter-who was upset that the DEMS were sidelining him for Hillary leak everything to Wikileaks and got deep sixed for it?
 
Last edited:
D

Deleted member 12837

Unconfirmed Member
You muppet - there is no hack - the DNC server was a LEAK basically confirmed by wikileaks who leaked it. But you are assuming 100% it has been hacked when no one has any evidence of hacking or the server being analysed or the mass deletion of data!!

No hack. No hack. You're the hack.

Did I do that right?

So it wasn't a hack.

https://www.thenation.com/article/a-new-report-raises-big-questions-about-last-years-dnc-hack/

Data transfer speeds indicate a local USB thumb drive was used for the transfer.

E: someone manually took the files off the server, placed them on a flash drive locally, and from there what happened to them is in know.

I have gigabit internet, that's 125 MB/s for both upload and download speed. The argument that ~23 MB/s makes it impossible to have been over a network is pretty weak.

Also doesn't address the state election board system hacks and the theft of voter information.
 
Last edited by a moderator:

NickFire

Member
Didn't Seth Rich- a Bernie Sanders supporter, who was upset that the DEMS were sidelining him for Hillary leak everything to Wikileaks and got deep sixed for it?
Um, while I can somewhat understand wondering if that was possible at one time when it all was going down, don't you think enough time has passed without any evidence to support it surfacing, to perhaps stop giving it much thought?
 

TheMikado

Banned
So it wasn't a hack.

https://www.thenation.com/article/a-new-report-raises-big-questions-about-last-years-dnc-hack/

Data transfer speeds indicate a local USB thumb drive was used for the transfer.

E: someone manually took the files off the server, placed them on a flash drive locally, and from there what happened to them is in know.

No, your source is from Oct. 2017 prior to the actual reveal of the forensics data. The INDICTMENT itself actually details the methods that it was hacked. Not some 3rd party organization guessing at may have happened. Even they themselves also state their investigations do not rule out a hack. Seriously, where are people getting their sources???
Anyway, here is the actual indictment detailing the actual technical information for the agencies actually involved in investigating the process:

https://www.justice.gov/file/1080281/download

By in or around April 2016, the Conspirators also hacked into the computer networks of the Democratic Congressional Campaign Committee (“DCCC”) and the Democratic National Committee (“DNC”). The Conspirators covertly monitored the computers of dozens of DCCC and DNC employees, implanted hundreds of files containing malicious computer code (“malware”), and stole emails and other documents from the DCCC and DNC.

For example, on or about March 19, 2016, LUKASHEV and his co-conspirators created and sent a spearphishing email to the chairman of the Clinton Campaign. LUKASHEV used the account “john356gh” at an online service that abbreviated lengthy website addresses (referred to as a “URL-shortening service”). LUKASHEV used the account to mask a link contained in the spearphishing email, which directed the recipient to a GRU-created website. LUKASHEV altered the appearance of the sender email address in order to make it look like the email was a security notification from Google (a technique known as “spoofing”), instructing the user to change his password by clicking the embedded link. Those instructions were followed.

On or about March 21, 2016, LUKASHEV, YERMAKOV, and their co-conspirators stole the contents of the chairman’s email account, which consisted of over 50,000 emails.

b. Starting on or about March 19, 2016, LUKASHEV and his co-conspirators sent spearphishing emails to the personal accounts of other individuals affiliated with Case 1:18-cr-00215-ABJ Document 1 Filed 07/13/18 Page 6 of 29 7 the Clinton Campaign, including its campaign manager and a senior foreign policy advisor.

On or about March 25, 2016, LUKASHEV used the same john356gh account to mask additional links included in spearphishing emails sent to numerous individuals affiliated with the Clinton Campaign, including Victims 1 and 2. LUKASHEV sent these emails from the Russia-based email account [email protected] that he spoofed to appear to be from Google.

c. On or about March 28, 2016, YERMAKOV researched the names of Victims 1 and 2 and their association with Clinton on various social media sites. Through their spearphishing operations, LUKASHEV, YERMAKOV, and their co-conspirators successfully stole email credentials and thousands of emails from numerous individuals affiliated with the Clinton Campaign. Many of these stolen emails, including those from Victims 1 and 2, were later released by the Conspirators through DCLeaks.

d. On or about April 6, 2016, the Conspirators created an email account in the name (with a one-letter deviation from the actual spelling) of a known member of the Clinton Campaign. The Conspirators then used that account to send spearphishing emails to the work accounts of more than thirty different Clinton Campaign employees. In the spearphishing emails, LUKASHEV and his co-conspirators embedded a link purporting to direct the recipient to a document titled “hillaryclinton-favorable-rating.xlsx.” In fact, this link directed the recipients’ computers to a GRU-created website. 22. The Conspirators spearphished individuals affiliated with the Clinton Campaign throughout the summer of 2016.

For example, on or about July 27, 2016, the Conspirators Case 1:18-cr-00215-ABJ Document 1 Filed 07/13/18 Page 7 of 29 8 attempted after hours to spearphish for the first time email accounts at a domain hosted by a thirdparty provider and used by Clinton’s personal office. At or around the same time, they also targeted seventy-six email addresses at the domain for the Clinton Campaign. Hacking into the DCCC Network 23. Beginning in or around March 2016, the Conspirators, in addition to their spearphishing efforts, researched the DCCC and DNC computer networks to identify technical specifications and vulnerabilities.

a. For example, beginning on or about March 15, 2016, YERMAKOV ran a technical query for the DNC’s internet protocol configurations to identify connected devices.

b. On or about the same day, YERMAKOV searched for open-source information about the DNC network, the Democratic Party, and Hillary Clinton.

c. On or about April 7, 2016, YERMAKOV ran a technical query for the DCCC’s internet protocol configurations to identify connected devices.

24. By in or around April 2016, within days of YERMAKOV’s searches regarding the DCCC, the Conspirators hacked into the DCCC computer network. Once they gained access, they installed and managed different types of malware to explore the DCCC network and steal data.

a. On or about April 12, 2016, the Conspirators used the stolen credentials of a DCCC Employee (“DCCC Employee 1”) to access the DCCC network. DCCC Employee 1 had received a spearphishing email from the Conspirators on or about April 6, 2016, and entered her password after clicking on the link.

b. Between in or around April 2016 and June 2016, the Conspirators installed multiple versions of their X-Agent malware on at least ten DCCC computers, which allowed them to monitor individual employees’ computer activity, steal passwords, and maintain access to the DCCC network. Case 1:18-cr-00215-ABJ Document 1 Filed 07/13/18 Page 8 of 29 9

c. X-Agent malware implanted on the DCCC network transmitted information from the victims’ computers to a GRU-leased server located in Arizona. The Conspirators referred to this server as their “AMS” panel. KOZACHEK, MALYSHEV, and their co-conspirators logged into the AMS panel to use X-Agent’s keylog and screenshot functions in the course of monitoring and surveilling activity on the DCCC computers. The keylog function allowed the Conspirators to capture keystrokes entered by DCCC employees. The screenshot function allowed the Conspirators to take pictures of the DCCC employees’ computer screens.

d. For example, on or about April 14, 2016, the Conspirators repeatedly activated X-Agent’s keylog and screenshot functions to surveil DCCC Employee 1’s computer activity over the course of eight hours. During that time, the Conspirators captured DCCC Employee 1’s communications with co-workers and the passwords she entered while working on fundraising and voter outreach projects.

Similarly, on or about April 22, 2016, the Conspirators activated X-Agent’s keylog and screenshot functions to capture the discussions of another DCCC Employee (“DCCC Employee 2”) about the DCCC’s finances, as well as her individual banking information and other personal topics.

25. On or about April 19, 2016, KOZACHEK, YERSHOV, and their co-conspirators remotely configured an overseas computer to relay communications between X-Agent malware and the AMS panel and then tested X-Agent’s ability to connect to this computer. The Conspirators referred to this computer as a “middle server.” The middle server acted as a proxy to obscure the connection between malware at the DCCC and the Conspirators’ AMS panel.

On or about April Case 1:18-cr-00215-ABJ Document 1 Filed 07/13/18 Page 9 of 29 10 20, 2016, the Conspirators directed X-Agent malware on the DCCC computers to connect to this middle server and receive directions from the Conspirators.

Hacking into the DNC Network
26. On or about April 18, 2016, the Conspirators hacked into the DNC’s computers through their access to the DCCC network. The Conspirators then installed and managed different types of malware (as they did in the DCCC network) to explore the DNC network and steal documents.

a. On or about April 18, 2016, the Conspirators activated X-Agent’s keylog and screenshot functions to steal credentials of a DCCC employee who was authorized to access the DNC network. The Conspirators hacked into the DNC network from the DCCC network using stolen credentials. By in or around June 2016, they gained access to approximately thirty-three DNC computers.

b. In or around April 2016, the Conspirators installed X-Agent malware on the DNC network, including the same versions installed on the DCCC network. MALYSHEV and his co-conspirators monitored the X-Agent malware from the AMS panel and captured data from the victim computers. The AMS panel collected thousands of keylog and screenshot results from the DCCC and DNC computers, such as a screenshot and keystroke capture of DCCC Employee 2 viewing the DCCC’s online banking information. Theft of DCCC and DNC Documents

27. The Conspirators searched for and identified computers within the DCCC and DNC networks that stored information related to the 2016 U.S. presidential election. For example, on or about April 15, 2016, the Conspirators searched one hacked DCCC computer for terms that included “hillary,” “cruz,” and “trump.” The Conspirators also copied select DCCC folders, including “Benghazi Investigations.” The Conspirators targeted computers containing information Case 1:18-cr-00215-ABJ Document 1 Filed 07/13/18 Page 10 of 29 11 such as opposition research and field operation plans for the 2016 elections.

28. To enable them to steal a large number of documents at once without detection, the Conspirators used a publicly available tool to gather and compress multiple documents on the DCCC and DNC networks. The Conspirators then used other GRU malware, known as “X-Tunnel,” to move the stolen documents outside the DCCC and DNC networks through encrypted channels. a. For example, on or about April 22, 2016, the Conspirators compressed gigabytes of data from DNC computers, including opposition research. The Conspirators later moved the compressed DNC data using X-Tunnel to a GRU-leased computer located in Illinois.

b. On or about April 28, 2016, the Conspirators connected to and tested the same computer located in Illinois. Later that day, the Conspirators used X-Tunnel to connect to that computer to steal additional documents from the DCCC network.

29. Between on or about May 25, 2016 and June 1, 2016, the Conspirators hacked the DNC Microsoft Exchange Server and stole thousands of emails from the work accounts of DNC employees. During that time, YERMAKOV researched PowerShell commands related to accessing and managing the Microsoft Exchange Server.

30. On or about May 30, 2016, MALYSHEV accessed the AMS panel in order to upgrade custom AMS software on the server. That day, the AMS panel received updates from approximately thirteen different X-Agent malware implants on DCCC and DNC computers.

31. During the hacking of the DCCC and DNC networks, the Conspirators covered their tracks by intentionally deleting logs and computer files. For example, on or about May 13, 2016, the Conspirators cleared the event logs from a DNC computer

. On or about June 20, 2016, the Case 1:18-cr-00215-ABJ Document 1 Filed 07/13/18 Page 11 of 29 12 Conspirators deleted logs from the AMS panel that documented their activities on the panel, including the login history. Efforts to Remain on the DCCC and DNC Networks

32. Despite the Conspirators’ efforts to hide their activity, beginning in or around May 2016, both the DCCC and DNC became aware that they had been hacked and hired a security company (“Company 1”) to identify the extent of the intrusions.

By in or around June 2016, Company 1 took steps to exclude intruders from the networks. Despite these efforts, a Linux-based version of X-Agent, programmed to communicate with the GRU-registered domain linuxkrnl.net, remained on the DNC network until in or around October 2016. 33. In response to Company 1’s efforts, the Conspirators took countermeasures to maintain access to the DCCC and DNC networks.

a. On or about May 31, 2016, YERMAKOV searched for open-source information about Company 1 and its reporting on X-Agent and X-Tunnel. On or about June 1, 2016, the Conspirators attempted to delete traces of their presence on the DCCC network using the computer program CCleaner.

b. On or about June 14, 2016, the Conspirators registered the domain actblues.com, which mimicked the domain of a political fundraising platform that included a DCCC donations page. Shortly thereafter, the Conspirators used stolen DCCC credentials to modify the DCCC website and redirect visitors to the actblues.com domain.

c. On or about June 20, 2016, after Company 1 had disabled X-Agent on the DCCC network, the Conspirators spent over seven hours unsuccessfully trying to connect to X-Agent. The Conspirators also tried to access the DCCC network using previously stolen credentials. Case 1:18-cr-00215-ABJ Document 1 Filed 07/13/18 Page 12 of 29 13

34. In or around September 2016, the Conspirators also successfully gained access to DNC computers hosted on a third-party cloud-computing service. These computers contained test applications related to the DNC’s analytics. After conducting reconnaissance, the Conspirators gathered data by creating backups, or “snapshots,” of the DNC’s cloud-based systems using the cloud provider’s own technology. The Conspirators then moved the snapshots to cloud-based accounts they had registered with the same service, thereby stealing the data from the DNC.
 

Corderlain

Banned
No hack. No hack. You're the hack.

Did I do that right?



I have gigabit internet, that's 125 MB/s for both upload and download speed. The argument that ~23 MB/s makes it impossible to have been over a network is pretty weak.

Also doesn't address the state election board system hacks and the theft of voter information.

Your connection also has basically nonexistent security compared to the dnc server which would drastically slow down speeds.

No, your source is from Oct. 2017 prior to the actual reveal of the forensics data. The INDICTMENT itself actually details the methods that it was hacked. Not some 3rd party organization guessing at may have happened. Even they themselves also state their investigations do not rule out a hack. Seriously, where are people getting their sources???
Anyway, here is the actual indictment detailing the actual technical information for the agencies actually involved in investigating the process:

https://www.justice.gov/file/1080281/download

By in or around April 2016, the Conspirators also hacked into the computer networks of the Democratic Congressional Campaign Committee (“DCCC”) and the Democratic National Committee (“DNC”). The Conspirators covertly monitored the computers of dozens of DCCC and DNC employees, implanted hundreds of files containing malicious computer code (“malware”), and stole emails and other documents from the DCCC and DNC.

For example, on or about March 19, 2016, LUKASHEV and his co-conspirators created and sent a spearphishing email to the chairman of the Clinton Campaign. LUKASHEV used the account “john356gh” at an online service that abbreviated lengthy website addresses (referred to as a “URL-shortening service”). LUKASHEV used the account to mask a link contained in the spearphishing email, which directed the recipient to a GRU-created website. LUKASHEV altered the appearance of the sender email address in order to make it look like the email was a security notification from Google (a technique known as “spoofing”), instructing the user to change his password by clicking the embedded link. Those instructions were followed.

On or about March 21, 2016, LUKASHEV, YERMAKOV, and their co-conspirators stole the contents of the chairman’s email account, which consisted of over 50,000 emails.

b. Starting on or about March 19, 2016, LUKASHEV and his co-conspirators sent spearphishing emails to the personal accounts of other individuals affiliated with Case 1:18-cr-00215-ABJ Document 1 Filed 07/13/18 Page 6 of 29 7 the Clinton Campaign, including its campaign manager and a senior foreign policy advisor.

On or about March 25, 2016, LUKASHEV used the same john356gh account to mask additional links included in spearphishing emails sent to numerous individuals affiliated with the Clinton Campaign, including Victims 1 and 2. LUKASHEV sent these emails from the Russia-based email account [email protected] that he spoofed to appear to be from Google.

c. On or about March 28, 2016, YERMAKOV researched the names of Victims 1 and 2 and their association with Clinton on various social media sites. Through their spearphishing operations, LUKASHEV, YERMAKOV, and their co-conspirators successfully stole email credentials and thousands of emails from numerous individuals affiliated with the Clinton Campaign. Many of these stolen emails, including those from Victims 1 and 2, were later released by the Conspirators through DCLeaks.

d. On or about April 6, 2016, the Conspirators created an email account in the name (with a one-letter deviation from the actual spelling) of a known member of the Clinton Campaign. The Conspirators then used that account to send spearphishing emails to the work accounts of more than thirty different Clinton Campaign employees. In the spearphishing emails, LUKASHEV and his co-conspirators embedded a link purporting to direct the recipient to a document titled “hillaryclinton-favorable-rating.xlsx.” In fact, this link directed the recipients’ computers to a GRU-created website. 22. The Conspirators spearphished individuals affiliated with the Clinton Campaign throughout the summer of 2016.

For example, on or about July 27, 2016, the Conspirators Case 1:18-cr-00215-ABJ Document 1 Filed 07/13/18 Page 7 of 29 8 attempted after hours to spearphish for the first time email accounts at a domain hosted by a thirdparty provider and used by Clinton’s personal office. At or around the same time, they also targeted seventy-six email addresses at the domain for the Clinton Campaign. Hacking into the DCCC Network 23. Beginning in or around March 2016, the Conspirators, in addition to their spearphishing efforts, researched the DCCC and DNC computer networks to identify technical specifications and vulnerabilities.

a. For example, beginning on or about March 15, 2016, YERMAKOV ran a technical query for the DNC’s internet protocol configurations to identify connected devices.

b. On or about the same day, YERMAKOV searched for open-source information about the DNC network, the Democratic Party, and Hillary Clinton.

c. On or about April 7, 2016, YERMAKOV ran a technical query for the DCCC’s internet protocol configurations to identify connected devices.

24. By in or around April 2016, within days of YERMAKOV’s searches regarding the DCCC, the Conspirators hacked into the DCCC computer network. Once they gained access, they installed and managed different types of malware to explore the DCCC network and steal data.

a. On or about April 12, 2016, the Conspirators used the stolen credentials of a DCCC Employee (“DCCC Employee 1”) to access the DCCC network. DCCC Employee 1 had received a spearphishing email from the Conspirators on or about April 6, 2016, and entered her password after clicking on the link.

b. Between in or around April 2016 and June 2016, the Conspirators installed multiple versions of their X-Agent malware on at least ten DCCC computers, which allowed them to monitor individual employees’ computer activity, steal passwords, and maintain access to the DCCC network. Case 1:18-cr-00215-ABJ Document 1 Filed 07/13/18 Page 8 of 29 9

c. X-Agent malware implanted on the DCCC network transmitted information from the victims’ computers to a GRU-leased server located in Arizona. The Conspirators referred to this server as their “AMS” panel. KOZACHEK, MALYSHEV, and their co-conspirators logged into the AMS panel to use X-Agent’s keylog and screenshot functions in the course of monitoring and surveilling activity on the DCCC computers. The keylog function allowed the Conspirators to capture keystrokes entered by DCCC employees. The screenshot function allowed the Conspirators to take pictures of the DCCC employees’ computer screens.

d. For example, on or about April 14, 2016, the Conspirators repeatedly activated X-Agent’s keylog and screenshot functions to surveil DCCC Employee 1’s computer activity over the course of eight hours. During that time, the Conspirators captured DCCC Employee 1’s communications with co-workers and the passwords she entered while working on fundraising and voter outreach projects.

Similarly, on or about April 22, 2016, the Conspirators activated X-Agent’s keylog and screenshot functions to capture the discussions of another DCCC Employee (“DCCC Employee 2”) about the DCCC’s finances, as well as her individual banking information and other personal topics.

25. On or about April 19, 2016, KOZACHEK, YERSHOV, and their co-conspirators remotely configured an overseas computer to relay communications between X-Agent malware and the AMS panel and then tested X-Agent’s ability to connect to this computer. The Conspirators referred to this computer as a “middle server.” The middle server acted as a proxy to obscure the connection between malware at the DCCC and the Conspirators’ AMS panel.

On or about April Case 1:18-cr-00215-ABJ Document 1 Filed 07/13/18 Page 9 of 29 10 20, 2016, the Conspirators directed X-Agent malware on the DCCC computers to connect to this middle server and receive directions from the Conspirators.

Hacking into the DNC Network
26. On or about April 18, 2016, the Conspirators hacked into the DNC’s computers through their access to the DCCC network. The Conspirators then installed and managed different types of malware (as they did in the DCCC network) to explore the DNC network and steal documents.

a. On or about April 18, 2016, the Conspirators activated X-Agent’s keylog and screenshot functions to steal credentials of a DCCC employee who was authorized to access the DNC network. The Conspirators hacked into the DNC network from the DCCC network using stolen credentials. By in or around June 2016, they gained access to approximately thirty-three DNC computers.

b. In or around April 2016, the Conspirators installed X-Agent malware on the DNC network, including the same versions installed on the DCCC network. MALYSHEV and his co-conspirators monitored the X-Agent malware from the AMS panel and captured data from the victim computers. The AMS panel collected thousands of keylog and screenshot results from the DCCC and DNC computers, such as a screenshot and keystroke capture of DCCC Employee 2 viewing the DCCC’s online banking information. Theft of DCCC and DNC Documents

27. The Conspirators searched for and identified computers within the DCCC and DNC networks that stored information related to the 2016 U.S. presidential election. For example, on or about April 15, 2016, the Conspirators searched one hacked DCCC computer for terms that included “hillary,” “cruz,” and “trump.” The Conspirators also copied select DCCC folders, including “Benghazi Investigations.” The Conspirators targeted computers containing information Case 1:18-cr-00215-ABJ Document 1 Filed 07/13/18 Page 10 of 29 11 such as opposition research and field operation plans for the 2016 elections.

28. To enable them to steal a large number of documents at once without detection, the Conspirators used a publicly available tool to gather and compress multiple documents on the DCCC and DNC networks. The Conspirators then used other GRU malware, known as “X-Tunnel,” to move the stolen documents outside the DCCC and DNC networks through encrypted channels. a. For example, on or about April 22, 2016, the Conspirators compressed gigabytes of data from DNC computers, including opposition research. The Conspirators later moved the compressed DNC data using X-Tunnel to a GRU-leased computer located in Illinois.

b. On or about April 28, 2016, the Conspirators connected to and tested the same computer located in Illinois. Later that day, the Conspirators used X-Tunnel to connect to that computer to steal additional documents from the DCCC network.

29. Between on or about May 25, 2016 and June 1, 2016, the Conspirators hacked the DNC Microsoft Exchange Server and stole thousands of emails from the work accounts of DNC employees. During that time, YERMAKOV researched PowerShell commands related to accessing and managing the Microsoft Exchange Server.

30. On or about May 30, 2016, MALYSHEV accessed the AMS panel in order to upgrade custom AMS software on the server. That day, the AMS panel received updates from approximately thirteen different X-Agent malware implants on DCCC and DNC computers.

31. During the hacking of the DCCC and DNC networks, the Conspirators covered their tracks by intentionally deleting logs and computer files. For example, on or about May 13, 2016, the Conspirators cleared the event logs from a DNC computer

. On or about June 20, 2016, the Case 1:18-cr-00215-ABJ Document 1 Filed 07/13/18 Page 11 of 29 12 Conspirators deleted logs from the AMS panel that documented their activities on the panel, including the login history. Efforts to Remain on the DCCC and DNC Networks

32. Despite the Conspirators’ efforts to hide their activity, beginning in or around May 2016, both the DCCC and DNC became aware that they had been hacked and hired a security company (“Company 1”) to identify the extent of the intrusions.

By in or around June 2016, Company 1 took steps to exclude intruders from the networks. Despite these efforts, a Linux-based version of X-Agent, programmed to communicate with the GRU-registered domain linuxkrnl.net, remained on the DNC network until in or around October 2016. 33. In response to Company 1’s efforts, the Conspirators took countermeasures to maintain access to the DCCC and DNC networks.

a. On or about May 31, 2016, YERMAKOV searched for open-source information about Company 1 and its reporting on X-Agent and X-Tunnel. On or about June 1, 2016, the Conspirators attempted to delete traces of their presence on the DCCC network using the computer program CCleaner.

b. On or about June 14, 2016, the Conspirators registered the domain actblues.com, which mimicked the domain of a political fundraising platform that included a DCCC donations page. Shortly thereafter, the Conspirators used stolen DCCC credentials to modify the DCCC website and redirect visitors to the actblues.com domain.

c. On or about June 20, 2016, after Company 1 had disabled X-Agent on the DCCC network, the Conspirators spent over seven hours unsuccessfully trying to connect to X-Agent. The Conspirators also tried to access the DCCC network using previously stolen credentials. Case 1:18-cr-00215-ABJ Document 1 Filed 07/13/18 Page 12 of 29 13

34. In or around September 2016, the Conspirators also successfully gained access to DNC computers hosted on a third-party cloud-computing service. These computers contained test applications related to the DNC’s analytics. After conducting reconnaissance, the Conspirators gathered data by creating backups, or “snapshots,” of the DNC’s cloud-based systems using the cloud provider’s own technology. The Conspirators then moved the snapshots to cloud-based accounts they had registered with the same service, thereby stealing the data from the DNC.

Can we get a TL;DR for the people that have jobs?
 

TheMikado

Banned
Your connection also has basically nonexistent security compared to the dnc server which would drastically slow down speeds.

Can we get a TL;DR for the people that have jobs?

I figured you wanted the specifics:

1) Russia send out phishing emails.
2) A couple of employee took the bait. Including entering their passwords and usernames
3) Russia used those accounts to get access to various servers to install X-agent software
4) They setup remote server in Arizona so that data traffic wouldn't appear suspicious
5) The continued monitoring and gaining more access.
6) DNC found out and hired a company to clear it out.
7) Russians realized they were found out but had a linux based version of X-agent on a DNC server.
8) Russians Setup second remote server in Illinois for passing and stealing large amounts of data.
9) Used X-Tunnel to create a tunnel and proxy for passing data to the US servers than on to Russia servers.
10) Got access to cloud based environment and made a "backup" buy subscribing to the same service and than migrating backups to their servers.
11) Tried to cover their tracks with CCcleaner (lol noobs), deleted event logs, and apparently had to look up powershell exchange commands to figure out how to steal emails.

To be honest, the methods used were really amateur hour and I could have done all of the same things rather easily. The DNC computer security really just bad, but that doesn't mean this wasn't a real and active hacking campaign.
 
D

Deleted member 12837

Unconfirmed Member
Your connection also has basically nonexistent security compared to the dnc server which would drastically slow down speeds.

You're going to have to go into a bit more detail to back this up (don't be shy, I'm a software engineer so I have the background).

I can't think of any reason why, once the system has been infiltrated and the attacker has privileged or root access, that there would be any sort of security measure in place that would slow down a data transfer. They should be able to do whatever they want on the compromised machine (punch holes through firewalls, bypass security scans for outgoing traffic, etc) as well as clean up after themselves to avoid immediate detection.

But I'm not a security engineer so it's not my area of expertise. Happy to be countered by a credible explanation.

I also would like to point out how disingenuous it is when people attack the victims of phishing attacks and try to paint them as idiots. Phishing attacks are incredibly effective. That's a huge reason why they're so popular and are increasing in volume. And that's just a study of the overall field. A highly targeted, carefully constructed attack on a specific group of people would be even more effective, because the net needed to be cast is much smaller and the attacker knows what shared weaknesses to exploit among that group.

Smart people fall for them. Trained people fall for them. Tech savvy engineers fall for them. There's a reason why so many companies, even big Silicon Valley software companies full of people who you'd think would never fall for such simple deceit, schedule mandatory training sessions for how to avoid them (among other things). There's a reason companies have Red Teams that regularly launch internal attacks.

I'm not pointing fingers at you specifically, Corderlain, since you haven't said anything of the sort. I've just come across a lot of it in other topics recently and figured it's only a matter of time before the argument shifts to that in here.
 
Last edited by a moderator:

Arkage

Banned
So it wasn't a hack.

https://www.thenation.com/article/a-new-report-raises-big-questions-about-last-years-dnc-hack/

Data transfer speeds indicate a local USB thumb drive was used for the transfer.

E: someone manually took the files off the server, placed them on a flash drive locally, and from there what happened to them is in know.

You apparently have enough time to find a link but not enough time to read the 10 paragraph editor's note at the beginning basically framing it as a fringe conspiracy theory that slipped through their editorial process (but could be true nonetheless just like any quality conspiracy theory).

You're going to have to go into a bit more detail to back this up (don't be shy, I'm a software engineer so I have the background).

I can't think of any reason why, once the system has been infiltrated and the attacker has privileged or root access, that there would be any sort of security measure in place that would slow down a data transfer. They should be able to do whatever they want on the compromised machine (punch holes through firewalls, bypass security scans for outgoing traffic, etc) as well as clean up after themselves to avoid immediate detection.

But I'm not a security engineer so it's not my area of expertise. Happy to be countered by a credible explanation.

I also would like to point out how disingenuous it is when people attack the victims of phishing attacks and try to paint them as idiots. Phishing attacks are incredibly effective. That's a huge reason why they're so popular and are increasing in volume. And that's just a study of the overall field. A highly targeted, carefully constructed attack on a specific group of people would be even more effective, because the net needed to be cast is much smaller and the attacker knows what shared weaknesses to exploit among that group.

Smart people fall for them. Trained people fall for them. Tech savvy engineers fall for them. There's a reason why so many companies, even big Silicon Valley software companies full of people who you'd think would never fall for such simple deceit, schedule mandatory training sessions for how to avoid them (among other things). There's a reason companies have Red Teams that regularly launch internal attacks.

I'm not pointing fingers at you specifically, Corderlain, since you haven't said anything of the sort. I've just come across a lot of it in other topics recently and figured it's only a matter of time before the argument shifts to that in here.

No, you're completely right. Here's a breakdown by an actual security engineer on why the "speed was too fast", the "internal leaker," and the "forged Russian fingerprints" arguments are all garbage. It's a great breakdown. I'll have to save this link next time someone brings up this garbage conspiracy theory about "shadow government" and "the FBI/CIA covered up for Hillary and murdered people for it!" And by someone I mean Dev1lXYZ or Panda1. https://www.thenation.com/article/a-leak-or-a-hack-a-forum-on-the-vips-memo/#independent-review


Didn't Seth Rich- a Bernie Sanders supporter-who was upset that the DEMS were sidelining him for Hillary leak everything to Wikileaks and got deep sixed for it?

PSA to all thinking of posting in this thread as I'm continually annoyed seeing it getting bumped. Dev1lXYZ & Panda1 are going to keep jumping from conspiracy to conspiracy (as you can see in this quote and their previous comments) in an attempt to confuse/move goal posts/troll. The only way to win is to not play the game. This will be final post in this thread, peace.
 
Last edited:
Top Bottom