home.social

#caleamalware — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #caleamalware, aggregated by home.social.

  1. In the future the 1975 Church Committee hearings will replay in the 2020's and the findings will prove to be even worse in public hearings especially when the domestic #AMER from #Meta's #GangStalker forum #databreach hits the front pages of the domestic / international #news with the same response as per Meta usual.

    #CALEA ☣️🔍👀 #Malware #audits ☣️🔍👀

    #RTDNA #TorturePrograms #Meta ☣️ #StateSponsoredMalware ☣️ #CALEAMalware ☣️ #GreyMarket ☣️ #investigations ☣️ 🔍👀👀

    Don't forget the ♻️📨📥📲 #HistoryLoops #APnews 🔍👀👀

    #SIC 🤝 #HIC 🤝 ⚖️ 🤝 👨‍⚖️🤝👩‍⚖️🤝📰

  2. In the future the 1975 Church Committee hearings will replay in the 2020's and the findings will prove to be even worse in public hearings especially when the domestic #AMER from #Meta's #GangStalker forum #databreach hits the front pages of the domestic / international #news with the same response as per Meta usual.

    #CALEA ☣️🔍👀 #Malware #audits ☣️🔍👀

    #RTDNA #TorturePrograms #Meta ☣️ #StateSponsoredMalware ☣️ #CALEAMalware ☣️ #GreyMarket ☣️ #investigations ☣️ 🔍👀👀

    Don't forget the ♻️📨📥📲 #HistoryLoops #APnews 🔍👀👀

    #SIC 🤝 #HIC 🤝 ⚖️ 🤝 👨‍⚖️🤝👩‍⚖️🤝📰

  3. In the future the 1975 Church Committee hearings will replay in the 2020's and the findings will prove to be even worse in public hearings especially when the domestic #AMER from #Meta's #GangStalker forum #databreach hits the front pages of the domestic / international #news with the same response as per Meta usual.

    #CALEA ☣️🔍👀 #Malware #audits ☣️🔍👀

    #RTDNA #TorturePrograms #Meta ☣️ #StateSponsoredMalware ☣️ #CALEAMalware ☣️ #GreyMarket ☣️ #investigations ☣️ 🔍👀👀

    Don't forget the ♻️📨📥📲 #HistoryLoops #APnews 🔍👀👀

    #SIC 🤝 #HIC 🤝 ⚖️ 🤝 👨‍⚖️🤝👩‍⚖️🤝📰

  4. In the future the 1975 Church Committee hearings will replay in the 2020's and the findings will prove to be even worse in public hearings especially when the domestic #AMER from #Meta's #GangStalker forum #databreach hits the front pages of the domestic / international #news with the same response as per Meta usual.

    #CALEA ☣️🔍👀 #Malware #audits ☣️🔍👀

    #RTDNA #TorturePrograms #Meta ☣️ #StateSponsoredMalware ☣️ #CALEAMalware ☣️ #GreyMarket ☣️ #investigations ☣️ 🔍👀👀

    Don't forget the ♻️📨📥📲 #HistoryLoops #APnews 🔍👀👀

    #SIC 🤝 #HIC 🤝 ⚖️ 🤝 👨‍⚖️🤝👩‍⚖️🤝📰

  5. In the future the 1975 Church Committee hearings will replay in the 2020's and the findings will prove to be even worse in public hearings especially when the domestic #AMER from #Meta's #GangStalker forum #databreach hits the front pages of the domestic / international #news with the same response as per Meta usual.

    #CALEA ☣️🔍👀 #Malware #audits ☣️🔍👀

    #RTDNA #TorturePrograms #Meta ☣️ #StateSponsoredMalware ☣️ #CALEAMalware ☣️ #GreyMarket ☣️ #investigations ☣️ 🔍👀👀

    Don't forget the ♻️📨📥📲 #HistoryLoops #APnews 🔍👀👀

    #SIC 🤝 #HIC 🤝 ⚖️ 🤝 👨‍⚖️🤝👩‍⚖️🤝📰

  6. This one node is quite the repeat offender in attacccing as a many year logged attaccc server of exploits.

    #VirusTotal

    Fastly DNS GammaGroup FinFisher FinSpy
    Attaccc Node Proxy IP : 151.101.3.52

    #Fastly #DNS
    #GamaGroup #FinFisher #FinSpy #AttacccProxyServers

    virustotal.com/graph/embed/gb9

    Rescanned today after 2 months of not being scanned.

    #infosec #CALEAMalware #GreyMarketInvestigations #RTDNA #news

  7. This one node is quite the repeat offender in attacccing as a many year logged attaccc server of exploits.

    #VirusTotal

    Fastly DNS GammaGroup FinFisher FinSpy
    Attaccc Node Proxy IP : 151.101.3.52

    #Fastly #DNS
    #GamaGroup #FinFisher #FinSpy #AttacccProxyServers

    virustotal.com/graph/embed/gb9

    Rescanned today after 2 months of not being scanned.

    #infosec #CALEAMalware #GreyMarketInvestigations #RTDNA #news

  8. This one node is quite the repeat offender in attacccing as a many year logged attaccc server of exploits.

    #VirusTotal

    Fastly DNS GammaGroup FinFisher FinSpy
    Attaccc Node Proxy IP : 151.101.3.52

    #Fastly #DNS
    #GamaGroup #FinFisher #FinSpy #AttacccProxyServers

    virustotal.com/graph/embed/gb9

    Rescanned today after 2 months of not being scanned.

    #infosec #CALEAMalware #GreyMarketInvestigations #RTDNA #news

  9. This one node is quite the repeat offender in attacccing as a many year logged attaccc server of exploits.

    #VirusTotal

    Fastly DNS GammaGroup FinFisher FinSpy
    Attaccc Node Proxy IP : 151.101.3.52

    #Fastly #DNS
    #GamaGroup #FinFisher #FinSpy #AttacccProxyServers

    virustotal.com/graph/embed/gb9

    Rescanned today after 2 months of not being scanned.

    #infosec #CALEAMalware #GreyMarketInvestigations #RTDNA #news

  10. @jerry @cR0w

    ' the effects can be seen *gestures* .... Downstream. 💦 '

    Had a similar run in banking wise a few years ago. Bank ended up getting class actioned & sued also. 👨‍⚖️👩‍⚖️⚖️

    One of the many reasons I can't/don't bank, online, ever due to the greylisted market of #CALEAmalware families

    ☣️ #malware ☣️ #StateSponsoredMalware ☣️

    They are total Psychopaths.

    They also have names that have been published with full dossiers also.

  11. Wouldn't it be #weird when they find out that #GammaGroup's #FinFisher #FinSpy Finsky was found to be responsible for the ' #spying ' & #financial crimes & #miniWatergate break in's coordinated on #Meta since it's installed on 100's of Millions of clients... or nah?

    #infosec #StateSponsoredMalware #CALEAmalware #CALEA #GreyMarket #investigatons 🔍🧐

  12. Wouldn't it be #weird when they find out that #GammaGroup's #FinFisher #FinSpy Finsky was found to be responsible for the ' #spying ' & #financial crimes & #miniWatergate break in's coordinated on #Meta since it's installed on 100's of Millions of clients... or nah?

    #infosec #StateSponsoredMalware #CALEAmalware #CALEA #GreyMarket #investigatons 🔍🧐

  13. Wouldn't it be #weird when they find out that #GammaGroup's #FinFisher #FinSpy Finsky was found to be responsible for the ' #spying ' & #financial crimes & #miniWatergate break in's coordinated on #Meta since it's installed on 100's of Millions of clients... or nah?

    #infosec #StateSponsoredMalware #CALEAmalware #CALEA #GreyMarket #investigatons 🔍🧐

  14. Wouldn't it be #weird when they find out that #GammaGroup's #FinFisher #FinSpy Finsky was found to be responsible for the ' #spying ' & #financial crimes & #miniWatergate break in's coordinated on #Meta since it's installed on 100's of Millions of clients... or nah?

    #infosec #StateSponsoredMalware #CALEAmalware #CALEA #GreyMarket #investigatons 🔍🧐

  15. Wouldn't it be #weird when they find out that #GammaGroup's #FinFisher #FinSpy Finsky was found to be responsible for the ' #spying ' & #financial crimes & #miniWatergate break in's coordinated on #Meta since it's installed on 100's of Millions of clients... or nah?

    #infosec #StateSponsoredMalware #CALEAmalware #CALEA #GreyMarket #investigatons 🔍🧐

  16. CW: #Twitter update : #malware🤝#infosec - Twitter❄️🤝 #uspol news 🤝 #racists

    So went to check on #Twitter today...

    Ohhhh what a meltdown over there in the alt-Reich ❄️ flake land after the #uspol announcement today.

    ¹ The racists were out in force outing themselves, again, 💯

    ² The Zero Posting bots were out doing the usual, following anything to pump up the number of accounts

    ³ Increasing calls for violence against the opposite side of the aisle

    ⁴ Documented another Twitter IP big ole #malware node with #GammaGroup's #FinFisher #FinSpy I had Documented before as a phishing and malware spreader node

    Fun times? Nah. Lame. ¯\_(ツ)_/¯

    ⁵ Added a old meme about Twitter
    ❄️🤝🙅‍♂️🤝📰 Cites as a meme. 😂
    Still funny. 💯🤗

    #malware #Twitter #GammaGroup #FinFisher #FinSpy #Finsky #CALEAmalware #CALEA #GreyMarket #investigations #RTNDA #infosec #NotNews #news

    #VirusTotal
    virustotal.com/graph/embed/gf0

  17. CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on IPs LARGE LIST

    Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on these IPs LARGE LIST hosting since November 2022ish for #Prosecutors to correlate.

    #FinFisherCom🤝#EnemyOfTheInternet

    #CALEA #greymarket #CALEAmalware 🔍🧐#infosec

    ¹
    40.115.118.6

    ²
    40.115.117.30

    ³ (fast .ly)
    151.101.41.184


    172.56.140.14


    173.194.166.106


    173.194.166.106


    199.232.92.157

    ⁸ Twitter
    104.244.42.66


    151.101.190.110

    ¹⁰
    138.91.55.166

    ¹¹
    192.229.173.16

    ¹² Twitter
    104.244.42.139

    ¹³
    173.194.166.171

    ¹⁴
    152.199.24.185

    ¹⁵
    165.254.198.210

    ¹⁶ Fast .ly
    151.101.42.2

    ¹⁷ Twitter
    104.244.42.70

    ¹⁸ Fast .ly
    151.101.40.193

    ¹⁹ Twitter
    104.244.42.134

    ²⁰ Fast .ly
    151.101.40.84

    ²¹
    216.239.34.117

    ²²
    104.26.2.192

    ²³
    104.26.3.192

    ²⁴
    172.67.72.251

    ²⁵
    redirect.redhat.com

    ²⁶
    192.229.210.163

    ²⁷
    172.67.28.154

    ²⁸
    104.18.10.19

    ²⁹
    104.244.42.69

    ³⁰
    944ellb0102-vip01.blackmesh.com

    ³¹
    151.101.41.67

    ³² Fast .ly
    151.101.40.81

    ³³
    104.26.10.153

    ³⁴
    151.101.41.188

    ³⁵
    104.26.13.149

    ³⁶
    104.26.12.149

    ³⁷
    63.241.199.113

    ³⁸ Local ISP exploit try ip (private)
    192.0.66.2

    ³⁹
    162.159.153.4

    ⁴⁰
    104.18.16.202

    ⁴¹
    104.26.3.29

    ⁴²
    104.26.2.29

    ⁴³ NYC Twitter
    72.21.91.70

    ⁴⁴ Fast .ly
    151.101.2.187

    ⁴⁵ Fast .ly
    151.101.66.187

    ⁴⁶
    13.86.218.255

    ⁴⁷
    209.234.235.188

    ⁴⁸
    104.26.15.185

    ⁴⁹
    172.67.69.125

    ⁵⁰
    52.239.139.228

    ⁵¹
    104.17.83.11

    ⁵²
    104.17.32.62

    ⁵³
    104.244.42.130

    ⁵⁴
    20.189.172.0

    ⁵⁵
    172.67.222.28

    ⁵⁶
    151.101.41.73

    ⁵⁷
    13.86.218.248

    ⁵⁸
    104.27.203.89

    ⁵⁹
    104.16.13.194

    ⁶⁰
    104.244.42.133

    ⁶¹
    151.101.130.132

    ⁶²
    172.67.73.80

    ⁶³
    104.26.6.15

    ⁶⁴
    104.22.33.123

    ⁶⁵
    dns11.quad9.net

    ⁶⁶
    104.244.42.198

    ⁶⁷
    104.244.42.2

    ⁶⁸
    104.244.43.131

    ⁶⁹
    208.54.152.122

    ⁷⁰
    208.54.150.98

    ⁷¹
    52.236.40.36

    ⁷²
    104.18.23.15

    ⁷³
    104.26.1.5

    ⁷⁴
    172.67.71.43

    ⁷⁵
    199.232.93.184

    ⁷⁶
    151.101.2.217

    ⁷⁷
    199.232.92.81

    ⁷⁸
    104.26.0.5

    ⁷⁹
    151.101.130.217

    ⁸⁰
    151.101.66.217

    ⁸¹
    104.26.6.18

    ⁸²
    104.18.22.15

    ⁸³
    104.26.7.18

    ⁸⁴
    104.21.78.132

    ⁸⁵
    104.244.42.6

    ⁸⁶
    199.232.92.200

    ⁸⁷
    20.60.40.36

    ⁸⁸
    52.245.40.74

    ⁸⁹
    104.244.42.194

    ⁹⁰
    199.232.94.110

    ⁹¹
    172.67.72.57

    ⁹²
    192.229.173.16

    ⁹³
    104.244.42.193

    ⁹⁴
    208.54.106.98

    ⁹⁵
    104.244.42.65

    ⁹⁶
    104.244.42.193

    ⁹⁷
    151.101.67.52

    ⁹⁸
    104.244.42.3

    ⁹⁹
    151.101.67.52

    ¹⁰⁰
    104.244.42.1

    ¹⁰¹
    192.229.173.16

    ¹⁰²
    151.101.40.159

    ¹⁰³
    104.244.42.11

    ¹⁰⁴
    152.199.24.185

    ¹⁰⁵
    152.199.24.185

    This is just # attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.

    Cities:
    ¹
    reddit.com/r/netzpolitik/comme

    ²
    en.wikipedia.org/wiki/FinFishe

    ³
    spiegel.de/netzwelt/netzpoliti


    netzpolitik.org/2022/nach-pfae


    securityweek.com/german-author


    bloomberg.com/news/articles/20

    #RTDNA #StateSponsoredMalware#SSM#malware

  18. CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on IPs LARGE LIST

    Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on these IPs LARGE LIST hosting since November 2022ish for #Prosecutors to correlate.

    #FinFisherCom🤝#EnemyOfTheInternet

    #CALEA #greymarket #CALEAmalware 🔍🧐#infosec

    ¹
    40.115.118.6

    ²
    40.115.117.30

    ³ (fast .ly)
    151.101.41.184


    172.56.140.14


    173.194.166.106


    173.194.166.106


    199.232.92.157

    ⁸ Twitter
    104.244.42.66


    151.101.190.110

    ¹⁰
    138.91.55.166

    ¹¹
    192.229.173.16

    ¹² Twitter
    104.244.42.139

    ¹³
    173.194.166.171

    ¹⁴
    152.199.24.185

    ¹⁵
    165.254.198.210

    ¹⁶ Fast .ly
    151.101.42.2

    ¹⁷ Twitter
    104.244.42.70

    ¹⁸ Fast .ly
    151.101.40.193

    ¹⁹ Twitter
    104.244.42.134

    ²⁰ Fast .ly
    151.101.40.84

    ²¹
    216.239.34.117

    ²²
    104.26.2.192

    ²³
    104.26.3.192

    ²⁴
    172.67.72.251

    ²⁵
    redirect.redhat.com

    ²⁶
    192.229.210.163

    ²⁷
    172.67.28.154

    ²⁸
    104.18.10.19

    ²⁹
    104.244.42.69

    ³⁰
    944ellb0102-vip01.blackmesh.com

    ³¹
    151.101.41.67

    ³² Fast .ly
    151.101.40.81

    ³³
    104.26.10.153

    ³⁴
    151.101.41.188

    ³⁵
    104.26.13.149

    ³⁶
    104.26.12.149

    ³⁷
    63.241.199.113

    ³⁸ Local ISP exploit try ip (private)
    192.0.66.2

    ³⁹
    162.159.153.4

    ⁴⁰
    104.18.16.202

    ⁴¹
    104.26.3.29

    ⁴²
    104.26.2.29

    ⁴³ NYC Twitter
    72.21.91.70

    ⁴⁴ Fast .ly
    151.101.2.187

    ⁴⁵ Fast .ly
    151.101.66.187

    ⁴⁶
    13.86.218.255

    ⁴⁷
    209.234.235.188

    ⁴⁸
    104.26.15.185

    ⁴⁹
    172.67.69.125

    ⁵⁰
    52.239.139.228

    ⁵¹
    104.17.83.11

    ⁵²
    104.17.32.62

    ⁵³
    104.244.42.130

    ⁵⁴
    20.189.172.0

    ⁵⁵
    172.67.222.28

    ⁵⁶
    151.101.41.73

    ⁵⁷
    13.86.218.248

    ⁵⁸
    104.27.203.89

    ⁵⁹
    104.16.13.194

    ⁶⁰
    104.244.42.133

    ⁶¹
    151.101.130.132

    ⁶²
    172.67.73.80

    ⁶³
    104.26.6.15

    ⁶⁴
    104.22.33.123

    ⁶⁵
    dns11.quad9.net

    ⁶⁶
    104.244.42.198

    ⁶⁷
    104.244.42.2

    ⁶⁸
    104.244.43.131

    ⁶⁹
    208.54.152.122

    ⁷⁰
    208.54.150.98

    ⁷¹
    52.236.40.36

    ⁷²
    104.18.23.15

    ⁷³
    104.26.1.5

    ⁷⁴
    172.67.71.43

    ⁷⁵
    199.232.93.184

    ⁷⁶
    151.101.2.217

    ⁷⁷
    199.232.92.81

    ⁷⁸
    104.26.0.5

    ⁷⁹
    151.101.130.217

    ⁸⁰
    151.101.66.217

    ⁸¹
    104.26.6.18

    ⁸²
    104.18.22.15

    ⁸³
    104.26.7.18

    ⁸⁴
    104.21.78.132

    ⁸⁵
    104.244.42.6

    ⁸⁶
    199.232.92.200

    ⁸⁷
    20.60.40.36

    ⁸⁸
    52.245.40.74

    ⁸⁹
    104.244.42.194

    ⁹⁰
    199.232.94.110

    ⁹¹
    172.67.72.57

    ⁹²
    192.229.173.16

    ⁹³
    104.244.42.193

    ⁹⁴
    208.54.106.98

    ⁹⁵
    104.244.42.65

    ⁹⁶
    104.244.42.193

    ⁹⁷
    151.101.67.52

    ⁹⁸
    104.244.42.3

    ⁹⁹
    151.101.67.52

    ¹⁰⁰
    104.244.42.1

    ¹⁰¹
    192.229.173.16

    ¹⁰²
    151.101.40.159

    ¹⁰³
    104.244.42.11

    ¹⁰⁴
    152.199.24.185

    ¹⁰⁵
    152.199.24.185

    This is just # attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.

    Cities:
    ¹
    reddit.com/r/netzpolitik/comme

    ²
    en.wikipedia.org/wiki/FinFishe

    ³
    spiegel.de/netzwelt/netzpoliti


    netzpolitik.org/2022/nach-pfae


    securityweek.com/german-author


    bloomberg.com/news/articles/20

    #RTDNA #StateSponsoredMalware#SSM#malware

  19. CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on IPs LARGE LIST

    Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on these IPs LARGE LIST hosting since November 2022ish for #Prosecutors to correlate.

    #FinFisherCom🤝#EnemyOfTheInternet

    #CALEA #greymarket #CALEAmalware 🔍🧐#infosec

    ¹
    40.115.118.6

    ²
    40.115.117.30

    ³ (fast .ly)
    151.101.41.184


    172.56.140.14


    173.194.166.106


    173.194.166.106


    199.232.92.157

    ⁸ Twitter
    104.244.42.66


    151.101.190.110

    ¹⁰
    138.91.55.166

    ¹¹
    192.229.173.16

    ¹² Twitter
    104.244.42.139

    ¹³
    173.194.166.171

    ¹⁴
    152.199.24.185

    ¹⁵
    165.254.198.210

    ¹⁶ Fast .ly
    151.101.42.2

    ¹⁷ Twitter
    104.244.42.70

    ¹⁸ Fast .ly
    151.101.40.193

    ¹⁹ Twitter
    104.244.42.134

    ²⁰ Fast .ly
    151.101.40.84

    ²¹
    216.239.34.117

    ²²
    104.26.2.192

    ²³
    104.26.3.192

    ²⁴
    172.67.72.251

    ²⁵
    redirect.redhat.com

    ²⁶
    192.229.210.163

    ²⁷
    172.67.28.154

    ²⁸
    104.18.10.19

    ²⁹
    104.244.42.69

    ³⁰
    944ellb0102-vip01.blackmesh.com

    ³¹
    151.101.41.67

    ³² Fast .ly
    151.101.40.81

    ³³
    104.26.10.153

    ³⁴
    151.101.41.188

    ³⁵
    104.26.13.149

    ³⁶
    104.26.12.149

    ³⁷
    63.241.199.113

    ³⁸ Local ISP exploit try ip (private)
    192.0.66.2

    ³⁹
    162.159.153.4

    ⁴⁰
    104.18.16.202

    ⁴¹
    104.26.3.29

    ⁴²
    104.26.2.29

    ⁴³ NYC Twitter
    72.21.91.70

    ⁴⁴ Fast .ly
    151.101.2.187

    ⁴⁵ Fast .ly
    151.101.66.187

    ⁴⁶
    13.86.218.255

    ⁴⁷
    209.234.235.188

    ⁴⁸
    104.26.15.185

    ⁴⁹
    172.67.69.125

    ⁵⁰
    52.239.139.228

    ⁵¹
    104.17.83.11

    ⁵²
    104.17.32.62

    ⁵³
    104.244.42.130

    ⁵⁴
    20.189.172.0

    ⁵⁵
    172.67.222.28

    ⁵⁶
    151.101.41.73

    ⁵⁷
    13.86.218.248

    ⁵⁸
    104.27.203.89

    ⁵⁹
    104.16.13.194

    ⁶⁰
    104.244.42.133

    ⁶¹
    151.101.130.132

    ⁶²
    172.67.73.80

    ⁶³
    104.26.6.15

    ⁶⁴
    104.22.33.123

    ⁶⁵
    dns11.quad9.net

    ⁶⁶
    104.244.42.198

    ⁶⁷
    104.244.42.2

    ⁶⁸
    104.244.43.131

    ⁶⁹
    208.54.152.122

    ⁷⁰
    208.54.150.98

    ⁷¹
    52.236.40.36

    ⁷²
    104.18.23.15

    ⁷³
    104.26.1.5

    ⁷⁴
    172.67.71.43

    ⁷⁵
    199.232.93.184

    ⁷⁶
    151.101.2.217

    ⁷⁷
    199.232.92.81

    ⁷⁸
    104.26.0.5

    ⁷⁹
    151.101.130.217

    ⁸⁰
    151.101.66.217

    ⁸¹
    104.26.6.18

    ⁸²
    104.18.22.15

    ⁸³
    104.26.7.18

    ⁸⁴
    104.21.78.132

    ⁸⁵
    104.244.42.6

    ⁸⁶
    199.232.92.200

    ⁸⁷
    20.60.40.36

    ⁸⁸
    52.245.40.74

    ⁸⁹
    104.244.42.194

    ⁹⁰
    199.232.94.110

    ⁹¹
    172.67.72.57

    ⁹²
    192.229.173.16

    ⁹³
    104.244.42.193

    ⁹⁴
    208.54.106.98

    ⁹⁵
    104.244.42.65

    ⁹⁶
    104.244.42.193

    ⁹⁷
    151.101.67.52

    ⁹⁸
    104.244.42.3

    ⁹⁹
    151.101.67.52

    ¹⁰⁰
    104.244.42.1

    ¹⁰¹
    192.229.173.16

    ¹⁰²
    151.101.40.159

    ¹⁰³
    104.244.42.11

    ¹⁰⁴
    152.199.24.185

    ¹⁰⁵
    152.199.24.185

    This is just # attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.

    Cities:
    ¹
    reddit.com/r/netzpolitik/comme

    ²
    en.wikipedia.org/wiki/FinFishe

    ³
    spiegel.de/netzwelt/netzpoliti


    netzpolitik.org/2022/nach-pfae


    securityweek.com/german-author


    bloomberg.com/news/articles/20

    #RTDNA #StateSponsoredMalware#SSM#malware

  20. CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on IPs LARGE LIST

    Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on these IPs LARGE LIST hosting since November 2022ish for #Prosecutors to correlate.

    #FinFisherCom🤝#EnemyOfTheInternet

    #CALEA #greymarket #CALEAmalware 🔍🧐#infosec

    ¹
    40.115.118.6

    ²
    40.115.117.30

    ³ (fast .ly)
    151.101.41.184


    172.56.140.14


    173.194.166.106


    173.194.166.106


    199.232.92.157

    ⁸ Twitter
    104.244.42.66


    151.101.190.110

    ¹⁰
    138.91.55.166

    ¹¹
    192.229.173.16

    ¹² Twitter
    104.244.42.139

    ¹³
    173.194.166.171

    ¹⁴
    152.199.24.185

    ¹⁵
    165.254.198.210

    ¹⁶ Fast .ly
    151.101.42.2

    ¹⁷ Twitter
    104.244.42.70

    ¹⁸ Fast .ly
    151.101.40.193

    ¹⁹ Twitter
    104.244.42.134

    ²⁰ Fast .ly
    151.101.40.84

    ²¹
    216.239.34.117

    ²²
    104.26.2.192

    ²³
    104.26.3.192

    ²⁴
    172.67.72.251

    ²⁵
    redirect.redhat.com

    ²⁶
    192.229.210.163

    ²⁷
    172.67.28.154

    ²⁸
    104.18.10.19

    ²⁹
    104.244.42.69

    ³⁰
    944ellb0102-vip01.blackmesh.com

    ³¹
    151.101.41.67

    ³² Fast .ly
    151.101.40.81

    ³³
    104.26.10.153

    ³⁴
    151.101.41.188

    ³⁵
    104.26.13.149

    ³⁶
    104.26.12.149

    ³⁷
    63.241.199.113

    ³⁸ Local ISP exploit try ip (private)
    192.0.66.2

    ³⁹
    162.159.153.4

    ⁴⁰
    104.18.16.202

    ⁴¹
    104.26.3.29

    ⁴²
    104.26.2.29

    ⁴³ NYC Twitter
    72.21.91.70

    ⁴⁴ Fast .ly
    151.101.2.187

    ⁴⁵ Fast .ly
    151.101.66.187

    ⁴⁶
    13.86.218.255

    ⁴⁷
    209.234.235.188

    ⁴⁸
    104.26.15.185

    ⁴⁹
    172.67.69.125

    ⁵⁰
    52.239.139.228

    ⁵¹
    104.17.83.11

    ⁵²
    104.17.32.62

    ⁵³
    104.244.42.130

    ⁵⁴
    20.189.172.0

    ⁵⁵
    172.67.222.28

    ⁵⁶
    151.101.41.73

    ⁵⁷
    13.86.218.248

    ⁵⁸
    104.27.203.89

    ⁵⁹
    104.16.13.194

    ⁶⁰
    104.244.42.133

    ⁶¹
    151.101.130.132

    ⁶²
    172.67.73.80

    ⁶³
    104.26.6.15

    ⁶⁴
    104.22.33.123

    ⁶⁵
    dns11.quad9.net

    ⁶⁶
    104.244.42.198

    ⁶⁷
    104.244.42.2

    ⁶⁸
    104.244.43.131

    ⁶⁹
    208.54.152.122

    ⁷⁰
    208.54.150.98

    ⁷¹
    52.236.40.36

    ⁷²
    104.18.23.15

    ⁷³
    104.26.1.5

    ⁷⁴
    172.67.71.43

    ⁷⁵
    199.232.93.184

    ⁷⁶
    151.101.2.217

    ⁷⁷
    199.232.92.81

    ⁷⁸
    104.26.0.5

    ⁷⁹
    151.101.130.217

    ⁸⁰
    151.101.66.217

    ⁸¹
    104.26.6.18

    ⁸²
    104.18.22.15

    ⁸³
    104.26.7.18

    ⁸⁴
    104.21.78.132

    ⁸⁵
    104.244.42.6

    ⁸⁶
    199.232.92.200

    ⁸⁷
    20.60.40.36

    ⁸⁸
    52.245.40.74

    ⁸⁹
    104.244.42.194

    ⁹⁰
    199.232.94.110

    ⁹¹
    172.67.72.57

    ⁹²
    192.229.173.16

    ⁹³
    104.244.42.193

    ⁹⁴
    208.54.106.98

    ⁹⁵
    104.244.42.65

    ⁹⁶
    104.244.42.193

    ⁹⁷
    151.101.67.52

    ⁹⁸
    104.244.42.3

    ⁹⁹
    151.101.67.52

    ¹⁰⁰
    104.244.42.1

    ¹⁰¹
    192.229.173.16

    ¹⁰²
    151.101.40.159

    ¹⁰³
    104.244.42.11

    ¹⁰⁴
    152.199.24.185

    ¹⁰⁵
    152.199.24.185

    This is just # attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.

    Cities:
    ¹
    reddit.com/r/netzpolitik/comme

    ²
    en.wikipedia.org/wiki/FinFishe

    ³
    spiegel.de/netzwelt/netzpoliti


    netzpolitik.org/2022/nach-pfae


    securityweek.com/german-author


    bloomberg.com/news/articles/20

    #RTDNA #StateSponsoredMalware#SSM#malware

  21. CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on IPs LARGE LIST

    Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on these IPs LARGE LIST hosting since November 2022ish for #Prosecutors to correlate.

    #FinFisherCom🤝#EnemyOfTheInternet

    #CALEA #greymarket #CALEAmalware 🔍🧐#infosec

    ¹
    40.115.118.6

    ²
    40.115.117.30

    ³ (fast .ly)
    151.101.41.184


    172.56.140.14


    173.194.166.106


    173.194.166.106


    199.232.92.157

    ⁸ Twitter
    104.244.42.66


    151.101.190.110

    ¹⁰
    138.91.55.166

    ¹¹
    192.229.173.16

    ¹² Twitter
    104.244.42.139

    ¹³
    173.194.166.171

    ¹⁴
    152.199.24.185

    ¹⁵
    165.254.198.210

    ¹⁶ Fast .ly
    151.101.42.2

    ¹⁷ Twitter
    104.244.42.70

    ¹⁸ Fast .ly
    151.101.40.193

    ¹⁹ Twitter
    104.244.42.134

    ²⁰ Fast .ly
    151.101.40.84

    ²¹
    216.239.34.117

    ²²
    104.26.2.192

    ²³
    104.26.3.192

    ²⁴
    172.67.72.251

    ²⁵
    redirect.redhat.com

    ²⁶
    192.229.210.163

    ²⁷
    172.67.28.154

    ²⁸
    104.18.10.19

    ²⁹
    104.244.42.69

    ³⁰
    944ellb0102-vip01.blackmesh.com

    ³¹
    151.101.41.67

    ³² Fast .ly
    151.101.40.81

    ³³
    104.26.10.153

    ³⁴
    151.101.41.188

    ³⁵
    104.26.13.149

    ³⁶
    104.26.12.149

    ³⁷
    63.241.199.113

    ³⁸ Local ISP exploit try ip (private)
    192.0.66.2

    ³⁹
    162.159.153.4

    ⁴⁰
    104.18.16.202

    ⁴¹
    104.26.3.29

    ⁴²
    104.26.2.29

    ⁴³ NYC Twitter
    72.21.91.70

    ⁴⁴ Fast .ly
    151.101.2.187

    ⁴⁵ Fast .ly
    151.101.66.187

    ⁴⁶
    13.86.218.255

    ⁴⁷
    209.234.235.188

    ⁴⁸
    104.26.15.185

    ⁴⁹
    172.67.69.125

    ⁵⁰
    52.239.139.228

    ⁵¹
    104.17.83.11

    ⁵²
    104.17.32.62

    ⁵³
    104.244.42.130

    ⁵⁴
    20.189.172.0

    ⁵⁵
    172.67.222.28

    ⁵⁶
    151.101.41.73

    ⁵⁷
    13.86.218.248

    ⁵⁸
    104.27.203.89

    ⁵⁹
    104.16.13.194

    ⁶⁰
    104.244.42.133

    ⁶¹
    151.101.130.132

    ⁶²
    172.67.73.80

    ⁶³
    104.26.6.15

    ⁶⁴
    104.22.33.123

    ⁶⁵
    dns11.quad9.net

    ⁶⁶
    104.244.42.198

    ⁶⁷
    104.244.42.2

    ⁶⁸
    104.244.43.131

    ⁶⁹
    208.54.152.122

    ⁷⁰
    208.54.150.98

    ⁷¹
    52.236.40.36

    ⁷²
    104.18.23.15

    ⁷³
    104.26.1.5

    ⁷⁴
    172.67.71.43

    ⁷⁵
    199.232.93.184

    ⁷⁶
    151.101.2.217

    ⁷⁷
    199.232.92.81

    ⁷⁸
    104.26.0.5

    ⁷⁹
    151.101.130.217

    ⁸⁰
    151.101.66.217

    ⁸¹
    104.26.6.18

    ⁸²
    104.18.22.15

    ⁸³
    104.26.7.18

    ⁸⁴
    104.21.78.132

    ⁸⁵
    104.244.42.6

    ⁸⁶
    199.232.92.200

    ⁸⁷
    20.60.40.36

    ⁸⁸
    52.245.40.74

    ⁸⁹
    104.244.42.194

    ⁹⁰
    199.232.94.110

    ⁹¹
    172.67.72.57

    ⁹²
    192.229.173.16

    ⁹³
    104.244.42.193

    ⁹⁴
    208.54.106.98

    ⁹⁵
    104.244.42.65

    ⁹⁶
    104.244.42.193

    ⁹⁷
    151.101.67.52

    ⁹⁸
    104.244.42.3

    ⁹⁹
    151.101.67.52

    ¹⁰⁰
    104.244.42.1

    ¹⁰¹
    192.229.173.16

    ¹⁰²
    151.101.40.159

    ¹⁰³
    104.244.42.11

    ¹⁰⁴
    152.199.24.185

    ¹⁰⁵
    152.199.24.185

    This is just # attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.

    Cities:
    ¹
    reddit.com/r/netzpolitik/comme

    ²
    en.wikipedia.org/wiki/FinFishe

    ³
    spiegel.de/netzwelt/netzpoliti


    netzpolitik.org/2022/nach-pfae


    securityweek.com/german-author


    bloomberg.com/news/articles/20

    #RTDNA #StateSponsoredMalware#SSM#malware

  22. CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #CloudFront
  23. CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #CloudFront
  24. CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #CloudFront
  25. CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #CloudFront
  26. CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #CloudFront
  27. CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #akamai

    Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on #akamai hosting since November 2022ish for #Prosecutors to correlate.

    #FinFisherCom🤝#EnemyOfTheInternet

    #CALEA #greymarket #CALEAmalware 🔍🧐#infosec

    ¹
    a23-2-76-180.deploy.static.akamaitechnologies.com

    ²
    a96-7-153-84.deploy.static.akamaitechnologies.com

    ³
    a104-86-4-102.deploy.static.akamaitechnologies.com


    a184-31-10-236.deploy.static.akamaitechnologies.com


    a96-6-226-157.deploy.static.akamaitechnologies.com


    a23-50-34-13.deploy.static.akamaitechnologies.com


    a23-15-137-146.deploy.static.akamaitechnologies.com


    a23-213-123-78.deploy.static.akamaitechnologies.com


    a23-213-123-78.deploy.static.akamaitechnologies.com

    ¹⁰
    a23-11-22-101.deploy.static.akamaitechnologies.com

    ¹¹
    a23-59-206-230.deploy.static.akamaitechnologies.com

    ¹²
    a104-125-55-184.deploy.static.akamaitechnologies.com

    ¹³
    a23-78-154-233.deploy.static.akamaitechnologies.com

    ¹⁴
    a23-7-132-30.deploy.static.akamaitechnologies.com

    ¹⁵
    a104-86-104-224.deploy.static.akamaitechnologies.com

    ¹⁶
    a104-122-42-39.deploy.static.akamaitechnologies.com

    ¹⁷
    a23-202-60-225.deploy.static.akamaitechnologies.com

    ¹⁸
    a104-86-184-250.deploy.static.akamaitechnologies.com

    ¹⁹
    a184-51-48-250.deploy.static.akamaitechnologies.com

    ²⁰
    a104-121-159-217.deploy.static.akamaitechnologies.com

    ²¹
    a104-121-159-225.deploy.static.akamaitechnologies.com

    ²²
    a104-84-227-133.deploy.static.akamaitechnologies.com

    ²³
    a23-42-151-231.deploy.static.akamaitechnologies.com

    ²⁴
    a23-40-167-73.deploy.static.akamaitechnologies.com

    ²⁵
    a23-223-16-122.deploy.static.akamaitechnologies.com

    ²⁶
    a184-31-10-237.deploy.static.akamaitechnologies.com

    ²⁷
    a23-48-32-80.deploy.static.akamaitechnologies.com

    ²⁸
    a23-48-32-75.deploy.static.akamaitechnologies.com

    ²⁹
    a173-222-162-31.deploy.static.akamaitechnologies.com

    ³⁰
    a23-45-32-210.deploy.static.akamaitechnologies.com

    ³¹
    a184-30-164-84.deploy.static.akamaitechnologies.com

    ³²
    a23-59-200-173.deploy.static.akamaitechnologies.com

    ³³
    a23-43-191-224.deploy.static.akamaitechnologies.com

    This is just #akamai attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.

    Cities:
    ¹
    reddit.com/r/netzpolitik/comme

    ²
    en.wikipedia.org/wiki/FinFishe

    ³
    spiegel.de/netzwelt/netzpoliti


    netzpolitik.org/2022/nach-pfae


    securityweek.com/german-author


    bloomberg.com/news/articles/20

    #RTDNA #StateSponsoredMalware#SSM#malware