Existence Of Big Botnet Made From Small Routers Announced

A great many types of vulnerability-by-design in consumer routers have been public for a rather long time: Linksys, MikroTik, NETGEAR, TP-Link, and other vendors, have — for the entire history of this product type — been selling boxes that are, essentially, public toilets, free for the remote taking by any reasonably-intelligent teenager.

It appears that this "news" has finally percolated down through the drains and into the dark cellars where USG gendarmerie dwell. As part of their regular work to force the replacement of systems containing old, burned NSA-authored vulnerabilities, with new and fresh ones — USG.FBI have recently turned their attention to consumer routers.

The lively petri dish of self-propagating shitware now commonly known to be dwelling in the NSA victims' home routers, has been officially blamed on Putin's omnipotent DNC-diddling brigade. Respectable, non-terrorist USG subjects will, presumably, be issued new, "clean" routers, in the nearest future.

The burning of these vulnerabilities was handled by having "researchers" affiliated with Cisco unveil the presence of a botnet populated by ~500,000 small routers commandeered by an artful piece of malware which persists across device reboots (archived). Meanwhile, Cisco continues having its own profound and self-inflicted security issues.

US Kangaroo Court Issues Conviction For Kidnapped Antivirus Operator

On May 16, 2018, A USG kangaroo court convicted one Mr. Ruslan Bondars, a "non-citizen"1 of USG marionette state Latvia, of "one count of conspiracy to violate the Computer Fraud and Abuse Act, one count of conspiracy to commit wire fraud, and one count of computer intrusion with intent to cause damage".

Mr. Bondars was brutally kidnapped under colour of law by USG.FBI thugs, with the cooperation of local quislings;2 held incommunicado and flown in secret to USA; brought to "trial" — and summarily convicted of all charges — for operating a WWW site called Scan4you. This appears to have been a service essentially-identical to more well-known items like VirusTotal (the latter — acquired by Google in 2012, reputedly for $0.5B USD); visitors could submit executables and view results from testing their submissions against popular MS-Windows antivirus programs.

However, unlike VirusTotal and other USG properties, Scan4you did not forward all user submissions to USG agents (Microsoft, alphabet-soup agencies, et al). In the words of the prosecuting Freisler:

"Scan4you differed from legitimate antivirus scanning services in multiple ways. For example, while legitimate scanning services share data about uploaded files with the antivirus community and notify their users that they will do so, Scan4you instead informed its users that they could upload files anonymously and promised not to share information about the uploaded files with the antivirus community."

Mr. Bondars now faces a 35-year sentence, "…as a warning to those who aid and abet criminal hackers".

The "Newton's Laws" governing this type of witch trial are, of course, quite well-known:

"Practically speaking, understand that one does not get to exist in the US sphere without being a tool of the USG.

You can't have a bank that does banking : either it does policing work for the USG or it gets burned down. You can't be an investor : either you push the USG agenda ad idem or else they come take your shit." —
"On how the factored 4096 RSA keys story was handled, and what it means to you." (Mircea Popescu)

It appears that the NATO Reich is moving ahead with its long-term plan to add vulnerability research to the list (already occupied by, e.g., banking) of formally declared Reich monopolies.


  1. Mr. Bondars is a citizen of the USSR, and appears to have been, along with millions of others, "unpersoned" by the USG Baltic Bantustan formed after the May 1990 destruction of the Latvian Soviet Socialist Republic. Citizenship under the new regime was not granted to all persons lawfully residing there under the old one, but was contingent on demonstrating knowledge of the local monkey language (about a fifth of the population qualified) and taking a loyalty oath to the new quisling government. 

  2. Explicitly credited by USG: "The Government of Latvia, including the Latvia State Police International Cooperation Department, the Latvia State Police Cybercrime Unit, and the General Prosecutor’s Office of the Republic of Latvia – International Cooperation Division, provided assistance and support during the investigation." 

Europol Arrests Unnamed Man For Politely Persuading Eurobanks To Part With Cash

On Monday, March 26, armed thugs representing themselves as "Spanish National Police, with the support of Europol, the US FBI, the Romanian, Belarussian and Taiwanese authorities and private cyber security companies" arrested a yet-unnamed "mastermind" — who stands accused of causing "cumulative losses of over EUR 1 billion for the financial industry". And apparently this is not difficult:

"In all these attacks, a similar modus operandi was used. The criminals would send out to bank employees spear phishing emails with a malicious attachment impersonating legitimate companies. Once downloaded, the malicious software allowed the criminals to remotely control the victims’ infected machines, giving them access to the internal banking network and infecting the servers controlling the ATMs. This provided them with the knowledge they needed to cash out the money."

I.e. chair warmers were asked politely to install "Back Orifice" — and they (whether out of stupidity, or in exchange for a cut of the take — we are not told) obliged. As for MS-Windows, installed on bank infrastructure and in ATM boxes all over Europe: it, in turn, worked precisely as it was designed to work.

As of the time of this writing, the number of "bank employees" arrested in connection with their indispensable work in making this heist possible — stands at: zero. Likewise, the number of Microsoft executives held to answer for the very existence of "infectious attachments" as a concept — stands also at zero.1

The "mastermind" and his merry men also stand accused of Bernankeization without a license:

"Databases with account information were modified so bank accounts balance would be inflated, with money mules then being used to collect the money."

Magicking money into existence from thin air is, we learn, A-OK when carried out from a well-pedigreed bag of lard parked in an Aeron in New York — but not so much when it is done by non-bluebloods and on the wrong side of the Atlantic.

The accused, presently nameless — and held incommunicado — also stand to be punished for the unforgivable USG.crime of having "laundered via cryptocurrencies".


  1. On the other hand, the EU bureaucracy informs us that the "perpetrator" of this "crime" supposedly was "vacationing in Spain" — rather suspiciously similar to the previous three major USG.kidnapping-under-the-colour-of-law victims; evidently crafting a replacement cover story for USG thugs' free hand in lifting people straight from the streets of Bucharest & elsewhere, would overrun the budget?  

Nine Citizens of Iran Given the Honour of Inclusion in USG.FBI's 'Wanted List'

On Friday, March 23, USG once more indulged its recently-acquired taste for indicting in absentia loyal soldiers of a sovereign nation — this time, nine signals-intelligence professionals residing in, and lawful citizens of, Iran. For carrying out their duties in service to their sovereign, USG saw it fit to charge (archived OCR) them in USG kangaroo court with the USG.crime of "Conspiracy to Commit Computer Intrusions".

For the role of "victims" of this "crime", USG chief prosecutor Rosenstein cast:

"… 144 U.S. universities, 176 universities across 21 foreign countries, 47 domestic and foreign private sector companies, the U.S. Department of Labor, the Federal Energy Regulatory Commission, the State of Hawaii, the State of Indiana, the United Nations, and the United Nations Children’s Fund",

from whom the "criminals" have "stolen" "…more than 31 terabytes of academic data and intellectual property".

Interestingly, the most unforgivable USG.crime committed by the accused appears to have been a successful attempt to… re-create, in-house, "SciHub":

"The members of the conspiracy used stolen account credentials to obtain unauthorized access to victim professor accounts, which they used to steal research, and other academic data and documents, including, among other things, academic journals, theses, dissertations, and electronic books. The defendants targeted data across all fields of research and academic disciplines, including science and technology, engineering, social sciences, medical, and other professional fields. The defendants stole at least approximately 31.5 terabytes of academic data and intellectual property, which they exfiltrated to servers outside the United States that were under the control of members of the conspiracy… …Megapaper sold stolen academic resources to customers within Iran, including Iran-based public universities and institutions, and Gigapaper sold a service to customers within Iran whereby purchasing customers could use compromised university professor accounts to directly access the online library systems of particular U.S.-based and foreign universities."

I.e. roughly the same act of "terrorism" for which Aaron Swartz was hanged in New York in 2013.

It is worth noting that, while USG at one time, not so long ago, had "long hands" in Iran, these hands have recently acquired a tendency to get abruptly shortenedIranian-style. Therefore it remains unclear how, if at all, USG intends to bring the nine "criminals" to "justice". And one may safely suppose that the only people likely to hang in connection to this "conspiracy"… are the remaining USG moles in Iran, who supplied Rosenstein and his assistant Freislers with their "evidence".

"31337 w4r3z" in our time.

NSA's Payload for the 'Phuctorable' MikroTik Routers Found

Kaspersky Inc has published an analysis (archived) of a MS Windows rootkit, therein nicknamed "Slingshot".

The item exhibits the traditional smell of USG-authored shitware, e.g. validly-signed Windows drivers for the persistence layer. However the more interesting aspect is that it is spread via infected routers, of a type which, astonishingly even for consumer shitware, forces the execution of a x86 Windows binary for initial configuration.

An infected router dutifully augments this configurator with a rootkit installer; the rootkit, in turn, contains the typical keylogger and saved-password-collector, network topology probe, etc. components.

The more interesting and "unmentioned/unmentionable" aspect is however the identity of the router's manufacturer:

MikroTik. That very same Latvian USG shill company that's been deploying routers with nonfunctional RNGs and trivially-Phuctorable SSH keys for its entire existence. And dutifully spreads obfuscatory squid ink whenever the danger of public exposure seems acute.

113 GigaWatt Hours Go Missing In Europe

The possibility of converting electrical current, wherever found, directly into coin appears to have added yet another fungible item to the list of socialist "people's properties" liable to get spontaneously "redistributed" by their "servant leader" caretakers — via the quite familiar, to inhabitants of the ex-soviet world, "complicated dance through which to steal the shebang while leaving behind the appearance, in the manner of termites".

Concretely: the European Union's "Continental European Power System", "a large synchronized area stretching from Spain to Turkey and from Poland to Netherlands; encompassing 25 countries", reported (archived) on March 6, 2018, a sudden energy deficit summing to 113 GWh (i.e. 3.6 terajoules):

The power deviations are originating from the control area called Serbia, Macedonia, Montenegro (SMM block) and specifically Kosovo and Serbia. The power deviations have led to a slight decrease in the electric frequency average. This average frequency deviation, that has never happened in any similar way in the CE Power system, must cease. The missing energy amounts currently to 113 GWh. The question of who will compensate for this loss has to be answered.

MtGox Coins Getting Dumped In Waterfall

A March 7, 2018 report (archived) by the MtGox liquidator to the Tokyo District Court
indicated that 35,841.00701 BTC and 34,008.00701 BCC — corresponding to some portion of the coins looted from the MtGox userbase in 2014 — have in recent months lavishly fed the waterfall, i.e. sold for fiat (42,988,044,343 JPY, ~= 405.4M USD at today's rate.)

Acute Pantsuit Inconsistency Shows Internal Disregard For Their Illusion of "Franchise"

On February 12, 2018:

The United States warned the Democratic Republic of Congo on Monday against using an electronic voting system for a long-delayed presidential election in December this year because it has the potential to undermine the credibility of the poll. U.S. Ambassador to the United Nations Nikki Haley told an informal U.N. Security Council meeting on the Congolese electoral process that deploying "an unfamiliar technology for the first time during a crucial election is an enormous risk."

Two days later:

Congressional Democrats introduced legislation on Wednesday that would provide more than $1 billion to boost cyber security of U.S. voting systems, and Vice President Mike Pence defended the administration’s efforts to protect polls from hackers…. "We cannot let the Russians laugh about and take joy in the success they had in the last election," Nancy Pelosi, the Democratic leader in the House of Representatives, told a news conference. "Their goal is to undermine democracy."

The hidden gem, of course being:

The Democrats’ Election Security Act would allocate $1 billion in grants, overseen by the U.S. Election Commission, this year to help states buy voting machines that incorporate backup paper ballots, hire security staff and conduct risk assessments.

That is to say: a lightly-cloaked mandate for the installation of Diebold-style "user friendly" mechanisms for untraceable ballot-stuffing in place of the traditional paper-punch machines which were reintroduced in a number of U.S. states following the 2004 "hanging chads" e-voting election. And, naturally, a quite-undisguised mandate for the institution of a centralized bureaucracy which will centrally supply properly kosher voting machines, centrally networked, which are to produce properly kosher, per the DNC's lights, electoral outcomes.

It would seem that USG now pushes one voodoo in one of its Congoes, and a polar-opposite hoodoo in the other, without – unsurprisingly – much in the way of an explanation.