#caleamalware — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #caleamalware, aggregated by home.social.
-
One thing #cryptocurrency has to fear is the #GreyMarket usage of #CALEAMalware in #cybersecurity by dodgy #OfficerProxy under surveillance for #cryptocurrency #theft by another #StateSponsoredMalware family.
#infosec #cryptowallettheft #memecoin
#stopthesteal #cryptocurrency theft by #GammaGroup's #FinSpy #FinSpy #Finsky & #Meta's #GangstalkerForums
#StateSponsoredMalware targeting by installs from the #googleplaystore & #appleappstore -
One thing #cryptocurrency has to fear is the #GreyMarket usage of #CALEAMalware in #cybersecurity by dodgy #OfficerProxy under surveillance for #cryptocurrency #theft by another #StateSponsoredMalware family.
#infosec #cryptowallettheft #memecoin
#stopthesteal #cryptocurrency theft by #GammaGroup's #FinSpy #FinSpy #Finsky & #Meta's #GangstalkerForums
#StateSponsoredMalware targeting by installs from the #googleplaystore & #appleappstore -
One thing #cryptocurrency has to fear is the #GreyMarket usage of #CALEAMalware in #cybersecurity by dodgy #OfficerProxy under surveillance for #cryptocurrency #theft by another #StateSponsoredMalware family.
#infosec #cryptowallettheft #memecoin
#stopthesteal #cryptocurrency theft by #GammaGroup's #FinSpy #FinSpy #Finsky & #Meta's #GangstalkerForums
#StateSponsoredMalware targeting by installs from the #googleplaystore & #appleappstore -
One thing #cryptocurrency has to fear is the #GreyMarket usage of #CALEAMalware in #cybersecurity by dodgy #OfficerProxy under surveillance for #cryptocurrency #theft by another #StateSponsoredMalware family.
#infosec #cryptowallettheft #memecoin
#stopthesteal #cryptocurrency theft by #GammaGroup's #FinSpy #FinSpy #Finsky & #Meta's #GangstalkerForums
#StateSponsoredMalware targeting by installs from the #googleplaystore & #appleappstore -
One thing #cryptocurrency has to fear is the #GreyMarket usage of #CALEAMalware in #cybersecurity by dodgy #OfficerProxy under surveillance for #cryptocurrency #theft by another #StateSponsoredMalware family.
#infosec #cryptowallettheft #memecoin
#stopthesteal #cryptocurrency theft by #GammaGroup's #FinSpy #FinSpy #Finsky & #Meta's #GangstalkerForums
#StateSponsoredMalware targeting by installs from the #googleplaystore & #appleappstore -
In the future the 1975 Church Committee hearings will replay in the 2020's and the findings will prove to be even worse in public hearings especially when the domestic #AMER from #Meta's #GangStalker forum #databreach hits the front pages of the domestic / international #news with the same response as per Meta usual.
#CALEA ☣️🔍👀 #Malware #audits ☣️🔍👀
#RTDNA #TorturePrograms #Meta ☣️ #StateSponsoredMalware ☣️ #CALEAMalware ☣️ #GreyMarket ☣️ #investigations ☣️ 🔍👀👀
Don't forget the ♻️📨📥📲 #HistoryLoops #APnews 🔍👀👀
-
In the future the 1975 Church Committee hearings will replay in the 2020's and the findings will prove to be even worse in public hearings especially when the domestic #AMER from #Meta's #GangStalker forum #databreach hits the front pages of the domestic / international #news with the same response as per Meta usual.
#CALEA ☣️🔍👀 #Malware #audits ☣️🔍👀
#RTDNA #TorturePrograms #Meta ☣️ #StateSponsoredMalware ☣️ #CALEAMalware ☣️ #GreyMarket ☣️ #investigations ☣️ 🔍👀👀
Don't forget the ♻️📨📥📲 #HistoryLoops #APnews 🔍👀👀
-
In the future the 1975 Church Committee hearings will replay in the 2020's and the findings will prove to be even worse in public hearings especially when the domestic #AMER from #Meta's #GangStalker forum #databreach hits the front pages of the domestic / international #news with the same response as per Meta usual.
#CALEA ☣️🔍👀 #Malware #audits ☣️🔍👀
#RTDNA #TorturePrograms #Meta ☣️ #StateSponsoredMalware ☣️ #CALEAMalware ☣️ #GreyMarket ☣️ #investigations ☣️ 🔍👀👀
Don't forget the ♻️📨📥📲 #HistoryLoops #APnews 🔍👀👀
-
In the future the 1975 Church Committee hearings will replay in the 2020's and the findings will prove to be even worse in public hearings especially when the domestic #AMER from #Meta's #GangStalker forum #databreach hits the front pages of the domestic / international #news with the same response as per Meta usual.
#CALEA ☣️🔍👀 #Malware #audits ☣️🔍👀
#RTDNA #TorturePrograms #Meta ☣️ #StateSponsoredMalware ☣️ #CALEAMalware ☣️ #GreyMarket ☣️ #investigations ☣️ 🔍👀👀
Don't forget the ♻️📨📥📲 #HistoryLoops #APnews 🔍👀👀
-
In the future the 1975 Church Committee hearings will replay in the 2020's and the findings will prove to be even worse in public hearings especially when the domestic #AMER from #Meta's #GangStalker forum #databreach hits the front pages of the domestic / international #news with the same response as per Meta usual.
#CALEA ☣️🔍👀 #Malware #audits ☣️🔍👀
#RTDNA #TorturePrograms #Meta ☣️ #StateSponsoredMalware ☣️ #CALEAMalware ☣️ #GreyMarket ☣️ #investigations ☣️ 🔍👀👀
Don't forget the ♻️📨📥📲 #HistoryLoops #APnews 🔍👀👀
-
This one node is quite the repeat offender in attacccing as a many year logged attaccc server of exploits.
Fastly DNS GammaGroup FinFisher FinSpy
Attaccc Node Proxy IP : 151.101.3.52#Fastly #DNS
#GamaGroup #FinFisher #FinSpy #AttacccProxyServersRescanned today after 2 months of not being scanned.
#infosec #CALEAMalware #GreyMarketInvestigations #RTDNA #news
-
This one node is quite the repeat offender in attacccing as a many year logged attaccc server of exploits.
Fastly DNS GammaGroup FinFisher FinSpy
Attaccc Node Proxy IP : 151.101.3.52#Fastly #DNS
#GamaGroup #FinFisher #FinSpy #AttacccProxyServersRescanned today after 2 months of not being scanned.
#infosec #CALEAMalware #GreyMarketInvestigations #RTDNA #news
-
This one node is quite the repeat offender in attacccing as a many year logged attaccc server of exploits.
Fastly DNS GammaGroup FinFisher FinSpy
Attaccc Node Proxy IP : 151.101.3.52#Fastly #DNS
#GamaGroup #FinFisher #FinSpy #AttacccProxyServersRescanned today after 2 months of not being scanned.
#infosec #CALEAMalware #GreyMarketInvestigations #RTDNA #news
-
This one node is quite the repeat offender in attacccing as a many year logged attaccc server of exploits.
Fastly DNS GammaGroup FinFisher FinSpy
Attaccc Node Proxy IP : 151.101.3.52#Fastly #DNS
#GamaGroup #FinFisher #FinSpy #AttacccProxyServersRescanned today after 2 months of not being scanned.
#infosec #CALEAMalware #GreyMarketInvestigations #RTDNA #news
-
This one node is quite the repeat offender in attacccing as a many year logged attaccc server of exploits.
Fastly DNS GammaGroup FinFisher FinSpy
Attaccc Node Proxy IP : 151.101.3.52#Fastly #DNS
#GamaGroup #FinFisher #FinSpy #AttacccProxyServersRescanned today after 2 months of not being scanned.
#infosec #CALEAMalware #GreyMarketInvestigations #RTDNA #news
-
' the effects can be seen *gestures* .... Downstream. 💦 '
Had a similar run in banking wise a few years ago. Bank ended up getting class actioned & sued also. 👨⚖️👩⚖️⚖️
One of the many reasons I can't/don't bank, online, ever due to the greylisted market of #CALEAmalware families
☣️ #malware ☣️ #StateSponsoredMalware ☣️
They are total Psychopaths.
They also have names that have been published with full dossiers also.
-
When they remove #GammaGroup's #FinFisher #FinSpy #Finsky from the #GooglePlayStore & #AppleAppStore do you think #TheFacebook's user acquisitions team will see a Marked Drop in #DAU, #MAU & #DAP in their 10k filings?
#SocialMedia
#FreeWebHostingCulture
#FraudPlatforms
#FinancialCrimePlatforms
#OrganicNegativeGrowthPlatforms
#SiliconValley #California #CALEAmalware #CALEA #GreyMarket #malware platform #infosec #investigations -
When they remove #GammaGroup's #FinFisher #FinSpy #Finsky from the #GooglePlayStore & #AppleAppStore do you think #TheFacebook's user acquisitions team will see a Marked Drop in #DAU, #MAU & #DAP in their 10k filings?
#SocialMedia
#FreeWebHostingCulture
#FraudPlatforms
#FinancialCrimePlatforms
#OrganicNegativeGrowthPlatforms
#SiliconValley #California #CALEAmalware #CALEA #GreyMarket #malware platform #infosec #investigations -
When they remove #GammaGroup's #FinFisher #FinSpy #Finsky from the #GooglePlayStore & #AppleAppStore do you think #TheFacebook's user acquisitions team will see a Marked Drop in #DAU, #MAU & #DAP in their 10k filings?
#SocialMedia
#FreeWebHostingCulture
#FraudPlatforms
#FinancialCrimePlatforms
#OrganicNegativeGrowthPlatforms
#SiliconValley #California #CALEAmalware #CALEA #GreyMarket #malware platform #infosec #investigations -
When they remove #GammaGroup's #FinFisher #FinSpy #Finsky from the #GooglePlayStore & #AppleAppStore do you think #TheFacebook's user acquisitions team will see a Marked Drop in #DAU, #MAU & #DAP in their 10k filings?
#SocialMedia
#FreeWebHostingCulture
#FraudPlatforms
#FinancialCrimePlatforms
#OrganicNegativeGrowthPlatforms
#SiliconValley #California #CALEAmalware #CALEA #GreyMarket #malware platform #infosec #investigations -
When they remove #GammaGroup's #FinFisher #FinSpy #Finsky from the #GooglePlayStore & #AppleAppStore do you think #TheFacebook's user acquisitions team will see a Marked Drop in #DAU, #MAU & #DAP in their 10k filings?
#SocialMedia
#FreeWebHostingCulture
#FraudPlatforms
#FinancialCrimePlatforms
#OrganicNegativeGrowthPlatforms
#SiliconValley #California #CALEAmalware #CALEA #GreyMarket #malware platform #infosec #investigations -
Wouldn't it be #weird when they find out that #GammaGroup's #FinFisher #FinSpy Finsky was found to be responsible for the ' #spying ' & #financial crimes & #miniWatergate break in's coordinated on #Meta since it's installed on 100's of Millions of clients... or nah?
#infosec #StateSponsoredMalware #CALEAmalware #CALEA #GreyMarket #investigatons 🔍🧐
-
Wouldn't it be #weird when they find out that #GammaGroup's #FinFisher #FinSpy Finsky was found to be responsible for the ' #spying ' & #financial crimes & #miniWatergate break in's coordinated on #Meta since it's installed on 100's of Millions of clients... or nah?
#infosec #StateSponsoredMalware #CALEAmalware #CALEA #GreyMarket #investigatons 🔍🧐
-
Wouldn't it be #weird when they find out that #GammaGroup's #FinFisher #FinSpy Finsky was found to be responsible for the ' #spying ' & #financial crimes & #miniWatergate break in's coordinated on #Meta since it's installed on 100's of Millions of clients... or nah?
#infosec #StateSponsoredMalware #CALEAmalware #CALEA #GreyMarket #investigatons 🔍🧐
-
Wouldn't it be #weird when they find out that #GammaGroup's #FinFisher #FinSpy Finsky was found to be responsible for the ' #spying ' & #financial crimes & #miniWatergate break in's coordinated on #Meta since it's installed on 100's of Millions of clients... or nah?
#infosec #StateSponsoredMalware #CALEAmalware #CALEA #GreyMarket #investigatons 🔍🧐
-
Wouldn't it be #weird when they find out that #GammaGroup's #FinFisher #FinSpy Finsky was found to be responsible for the ' #spying ' & #financial crimes & #miniWatergate break in's coordinated on #Meta since it's installed on 100's of Millions of clients... or nah?
#infosec #StateSponsoredMalware #CALEAmalware #CALEA #GreyMarket #investigatons 🔍🧐
-
CW: #StateSponsoredMalware is a #PlantationMindset
.
#StateSponsoredMalware
is a #PlantationMindsetWe are NOT going back.
YOU _ARE_ REVIEWABLE.
#GammaGroup #FinFisher
#FinSpy #Finsky#CALEAmalware #malware
#GreyMarket #infosec
License & Registration
#investigation -
CW: #StateSponsoredMalware is a #PlantationMindset
.
#StateSponsoredMalware
is a #PlantationMindsetWe are NOT going back.
YOU _ARE_ REVIEWABLE.
#GammaGroup #FinFisher
#FinSpy #Finsky#CALEAmalware #malware
#GreyMarket #infosec
License & Registration
#investigation -
CW: #StateSponsoredMalware is a #PlantationMindset
.
#StateSponsoredMalware
is a #PlantationMindsetWe are NOT going back.
YOU _ARE_ REVIEWABLE.
#GammaGroup #FinFisher
#FinSpy #Finsky#CALEAmalware #malware
#GreyMarket #infosec
License & Registration
#investigation -
CW: #StateSponsoredMalware is a #PlantationMindset
.
#StateSponsoredMalware
is a #PlantationMindsetWe are NOT going back.
YOU _ARE_ REVIEWABLE.
#GammaGroup #FinFisher
#FinSpy #Finsky#CALEAmalware #malware
#GreyMarket #infosec
License & Registration
#investigation -
CW: #StateSponsoredMalware is a #PlantationMindset
.
#StateSponsoredMalware
is a #PlantationMindsetWe are NOT going back.
YOU _ARE_ REVIEWABLE.
#GammaGroup #FinFisher
#FinSpy #Finsky#CALEAmalware #malware
#GreyMarket #infosec
License & Registration
#investigation -
Luckily.... 📡🛰️'s exist for 🚪👀 monitoring regardless of the #COPSProgram🤝#COINTELPRO type #MiniWaterGate's' type incidents perpetrators being remediated by #audits of #Meta's #GangStalking #FreeWebHostingCulture of #fraud
keeping the ' bad apples ' in check.... MmHmm.#infosec #StateSponsoredMalware #GreyMarket #CALEAmalware #malware #investigations #FakeFacebookProfiles #Meta #BusinessModelsExposed #fraud at #Meta 🔍🧐
-
Luckily.... 📡🛰️'s exist for 🚪👀 monitoring regardless of the #COPSProgram🤝#COINTELPRO type #MiniWaterGate's' type incidents perpetrators being remediated by #audits of #Meta's #GangStalking #FreeWebHostingCulture of #fraud
keeping the ' bad apples ' in check.... MmHmm.#infosec #StateSponsoredMalware #GreyMarket #CALEAmalware #malware #investigations #FakeFacebookProfiles #Meta #BusinessModelsExposed #fraud at #Meta 🔍🧐
-
Luckily.... 📡🛰️'s exist for 🚪👀 monitoring regardless of the #COPSProgram🤝#COINTELPRO type #MiniWaterGate's' type incidents perpetrators being remediated by #audits of #Meta's #GangStalking #FreeWebHostingCulture of #fraud
keeping the ' bad apples ' in check.... MmHmm.#infosec #StateSponsoredMalware #GreyMarket #CALEAmalware #malware #investigations #FakeFacebookProfiles #Meta #BusinessModelsExposed #fraud at #Meta 🔍🧐
-
Luckily.... 📡🛰️'s exist for 🚪👀 monitoring regardless of the #COPSProgram🤝#COINTELPRO type #MiniWaterGate's' type incidents perpetrators being remediated by #audits of #Meta's #GangStalking #FreeWebHostingCulture of #fraud
keeping the ' bad apples ' in check.... MmHmm.#infosec #StateSponsoredMalware #GreyMarket #CALEAmalware #malware #investigations #FakeFacebookProfiles #Meta #BusinessModelsExposed #fraud at #Meta 🔍🧐
-
Luckily.... 📡🛰️'s exist for 🚪👀 monitoring regardless of the #COPSProgram🤝#COINTELPRO type #MiniWaterGate's' type incidents perpetrators being remediated by #audits of #Meta's #GangStalking #FreeWebHostingCulture of #fraud
keeping the ' bad apples ' in check.... MmHmm.#infosec #StateSponsoredMalware #GreyMarket #CALEAmalware #malware #investigations #FakeFacebookProfiles #Meta #BusinessModelsExposed #fraud at #Meta 🔍🧐
-
New #GammaGroup #AWS containerized #GammaGroup #FinFisher #FinSpy #Finsky attack host found using #SystemApp callback shim.
Never been scanned as a host, ever, also.
Host:
ec2-52-37-203-8.us-west-2.compute.amazonaws.com#VirusTotal
https://www.virustotal.com/graph/embed/g1a2179975209400f884fc19b605977c20adc5a26b0f34a108b39b13f9f76db17#CALEAmalware #CALEA #GreyMarket #RTDNA #investigations #BadApples #infosec
-
#GammaGroup #FinFisher #FinSpy #Finsky #StateSponsoredMalware™ ✓ #CALEAmalware #CALEA #GreyMarket #investigations #RTDNA #infosec #news 🥱
Attack node logged today #Google
Interesting notes today :
¹ Hasn't been scanned in 3+yrs
#SystemApp callback
Host : sfo03s18-in-f10.1e100.net#VirusTotal
https://www.virustotal.com/graph/embed/g44b239796e0543318a1e653870385ef88f433e6ac1df427c8fa9f0ae77205592 -
CW: #Twitter update : #malware🤝#infosec - Twitter❄️🤝 #uspol news 🤝 #racists
So went to check on #Twitter today...
Ohhhh what a meltdown over there in the alt-Reich ❄️ flake land after the #uspol announcement today.
¹ The racists were out in force outing themselves, again, 💯
² The Zero Posting bots were out doing the usual, following anything to pump up the number of accounts
³ Increasing calls for violence against the opposite side of the aisle
⁴ Documented another Twitter IP big ole #malware node with #GammaGroup's #FinFisher #FinSpy I had Documented before as a phishing and malware spreader node
Fun times? Nah. Lame. ¯\_(ツ)_/¯
⁵ Added a old meme about Twitter
❄️🤝🙅♂️🤝📰 Cites as a meme. 😂
Still funny. 💯🤗#malware #Twitter #GammaGroup #FinFisher #FinSpy #Finsky #CALEAmalware #CALEA #GreyMarket #investigations #RTNDA #infosec #NotNews #news
#VirusTotal
https://www.virustotal.com/graph/embed/gf0be0cd0d37649978bdd57e864701bfa3dfda586734141b7b1b3a5ded46fa3ad -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on IPs LARGE LIST
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on these IPs LARGE LIST hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
¹
40.115.118.6²
40.115.117.30³ (fast .ly)
151.101.41.184⁴
172.56.140.14⁵
173.194.166.106⁶
173.194.166.106⁷
199.232.92.157⁸ Twitter
104.244.42.66⁹
151.101.190.110¹⁰
138.91.55.166¹¹
192.229.173.16¹² Twitter
104.244.42.139¹³
173.194.166.171¹⁴
152.199.24.185¹⁵
165.254.198.210¹⁶ Fast .ly
151.101.42.2¹⁷ Twitter
104.244.42.70¹⁸ Fast .ly
151.101.40.193¹⁹ Twitter
104.244.42.134²⁰ Fast .ly
151.101.40.84²¹
216.239.34.117²²
104.26.2.192²³
104.26.3.192²⁴
172.67.72.251²⁵
redirect.redhat.com²⁶
192.229.210.163²⁷
172.67.28.154²⁸
104.18.10.19²⁹
104.244.42.69³⁰
944ellb0102-vip01.blackmesh.com³¹
151.101.41.67³² Fast .ly
151.101.40.81³³
104.26.10.153³⁴
151.101.41.188³⁵
104.26.13.149³⁶
104.26.12.149³⁷
63.241.199.113³⁸ Local ISP exploit try ip (private)
192.0.66.2³⁹
162.159.153.4⁴⁰
104.18.16.202⁴¹
104.26.3.29⁴²
104.26.2.29⁴³ NYC Twitter
72.21.91.70⁴⁴ Fast .ly
151.101.2.187⁴⁵ Fast .ly
151.101.66.187⁴⁶
13.86.218.255⁴⁷
209.234.235.188⁴⁸
104.26.15.185⁴⁹
172.67.69.125⁵⁰
52.239.139.228⁵¹
104.17.83.11⁵²
104.17.32.62⁵³
104.244.42.130⁵⁴
20.189.172.0⁵⁵
172.67.222.28⁵⁶
151.101.41.73⁵⁷
13.86.218.248⁵⁸
104.27.203.89⁵⁹
104.16.13.194⁶⁰
104.244.42.133⁶¹
151.101.130.132⁶²
172.67.73.80⁶³
104.26.6.15⁶⁴
104.22.33.123⁶⁵
dns11.quad9.net⁶⁶
104.244.42.198⁶⁷
104.244.42.2⁶⁸
104.244.43.131⁶⁹
208.54.152.122⁷⁰
208.54.150.98⁷¹
52.236.40.36⁷²
104.18.23.15⁷³
104.26.1.5⁷⁴
172.67.71.43⁷⁵
199.232.93.184⁷⁶
151.101.2.217⁷⁷
199.232.92.81⁷⁸
104.26.0.5⁷⁹
151.101.130.217⁸⁰
151.101.66.217⁸¹
104.26.6.18⁸²
104.18.22.15⁸³
104.26.7.18⁸⁴
104.21.78.132⁸⁵
104.244.42.6⁸⁶
199.232.92.200⁸⁷
20.60.40.36⁸⁸
52.245.40.74⁸⁹
104.244.42.194⁹⁰
199.232.94.110⁹¹
172.67.72.57⁹²
192.229.173.16⁹³
104.244.42.193⁹⁴
208.54.106.98⁹⁵
104.244.42.65⁹⁶
104.244.42.193⁹⁷
151.101.67.52⁹⁸
104.244.42.3⁹⁹
151.101.67.52¹⁰⁰
104.244.42.1¹⁰¹
192.229.173.16¹⁰²
151.101.40.159¹⁰³
104.244.42.11¹⁰⁴
152.199.24.185¹⁰⁵
152.199.24.185This is just # attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cities:
¹
https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/²
https://en.wikipedia.org/wiki/FinFisher⁵
https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on IPs LARGE LIST
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on these IPs LARGE LIST hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
¹
40.115.118.6²
40.115.117.30³ (fast .ly)
151.101.41.184⁴
172.56.140.14⁵
173.194.166.106⁶
173.194.166.106⁷
199.232.92.157⁸ Twitter
104.244.42.66⁹
151.101.190.110¹⁰
138.91.55.166¹¹
192.229.173.16¹² Twitter
104.244.42.139¹³
173.194.166.171¹⁴
152.199.24.185¹⁵
165.254.198.210¹⁶ Fast .ly
151.101.42.2¹⁷ Twitter
104.244.42.70¹⁸ Fast .ly
151.101.40.193¹⁹ Twitter
104.244.42.134²⁰ Fast .ly
151.101.40.84²¹
216.239.34.117²²
104.26.2.192²³
104.26.3.192²⁴
172.67.72.251²⁵
redirect.redhat.com²⁶
192.229.210.163²⁷
172.67.28.154²⁸
104.18.10.19²⁹
104.244.42.69³⁰
944ellb0102-vip01.blackmesh.com³¹
151.101.41.67³² Fast .ly
151.101.40.81³³
104.26.10.153³⁴
151.101.41.188³⁵
104.26.13.149³⁶
104.26.12.149³⁷
63.241.199.113³⁸ Local ISP exploit try ip (private)
192.0.66.2³⁹
162.159.153.4⁴⁰
104.18.16.202⁴¹
104.26.3.29⁴²
104.26.2.29⁴³ NYC Twitter
72.21.91.70⁴⁴ Fast .ly
151.101.2.187⁴⁵ Fast .ly
151.101.66.187⁴⁶
13.86.218.255⁴⁷
209.234.235.188⁴⁸
104.26.15.185⁴⁹
172.67.69.125⁵⁰
52.239.139.228⁵¹
104.17.83.11⁵²
104.17.32.62⁵³
104.244.42.130⁵⁴
20.189.172.0⁵⁵
172.67.222.28⁵⁶
151.101.41.73⁵⁷
13.86.218.248⁵⁸
104.27.203.89⁵⁹
104.16.13.194⁶⁰
104.244.42.133⁶¹
151.101.130.132⁶²
172.67.73.80⁶³
104.26.6.15⁶⁴
104.22.33.123⁶⁵
dns11.quad9.net⁶⁶
104.244.42.198⁶⁷
104.244.42.2⁶⁸
104.244.43.131⁶⁹
208.54.152.122⁷⁰
208.54.150.98⁷¹
52.236.40.36⁷²
104.18.23.15⁷³
104.26.1.5⁷⁴
172.67.71.43⁷⁵
199.232.93.184⁷⁶
151.101.2.217⁷⁷
199.232.92.81⁷⁸
104.26.0.5⁷⁹
151.101.130.217⁸⁰
151.101.66.217⁸¹
104.26.6.18⁸²
104.18.22.15⁸³
104.26.7.18⁸⁴
104.21.78.132⁸⁵
104.244.42.6⁸⁶
199.232.92.200⁸⁷
20.60.40.36⁸⁸
52.245.40.74⁸⁹
104.244.42.194⁹⁰
199.232.94.110⁹¹
172.67.72.57⁹²
192.229.173.16⁹³
104.244.42.193⁹⁴
208.54.106.98⁹⁵
104.244.42.65⁹⁶
104.244.42.193⁹⁷
151.101.67.52⁹⁸
104.244.42.3⁹⁹
151.101.67.52¹⁰⁰
104.244.42.1¹⁰¹
192.229.173.16¹⁰²
151.101.40.159¹⁰³
104.244.42.11¹⁰⁴
152.199.24.185¹⁰⁵
152.199.24.185This is just # attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cities:
¹
https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/²
https://en.wikipedia.org/wiki/FinFisher⁵
https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on IPs LARGE LIST
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on these IPs LARGE LIST hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
¹
40.115.118.6²
40.115.117.30³ (fast .ly)
151.101.41.184⁴
172.56.140.14⁵
173.194.166.106⁶
173.194.166.106⁷
199.232.92.157⁸ Twitter
104.244.42.66⁹
151.101.190.110¹⁰
138.91.55.166¹¹
192.229.173.16¹² Twitter
104.244.42.139¹³
173.194.166.171¹⁴
152.199.24.185¹⁵
165.254.198.210¹⁶ Fast .ly
151.101.42.2¹⁷ Twitter
104.244.42.70¹⁸ Fast .ly
151.101.40.193¹⁹ Twitter
104.244.42.134²⁰ Fast .ly
151.101.40.84²¹
216.239.34.117²²
104.26.2.192²³
104.26.3.192²⁴
172.67.72.251²⁵
redirect.redhat.com²⁶
192.229.210.163²⁷
172.67.28.154²⁸
104.18.10.19²⁹
104.244.42.69³⁰
944ellb0102-vip01.blackmesh.com³¹
151.101.41.67³² Fast .ly
151.101.40.81³³
104.26.10.153³⁴
151.101.41.188³⁵
104.26.13.149³⁶
104.26.12.149³⁷
63.241.199.113³⁸ Local ISP exploit try ip (private)
192.0.66.2³⁹
162.159.153.4⁴⁰
104.18.16.202⁴¹
104.26.3.29⁴²
104.26.2.29⁴³ NYC Twitter
72.21.91.70⁴⁴ Fast .ly
151.101.2.187⁴⁵ Fast .ly
151.101.66.187⁴⁶
13.86.218.255⁴⁷
209.234.235.188⁴⁸
104.26.15.185⁴⁹
172.67.69.125⁵⁰
52.239.139.228⁵¹
104.17.83.11⁵²
104.17.32.62⁵³
104.244.42.130⁵⁴
20.189.172.0⁵⁵
172.67.222.28⁵⁶
151.101.41.73⁵⁷
13.86.218.248⁵⁸
104.27.203.89⁵⁹
104.16.13.194⁶⁰
104.244.42.133⁶¹
151.101.130.132⁶²
172.67.73.80⁶³
104.26.6.15⁶⁴
104.22.33.123⁶⁵
dns11.quad9.net⁶⁶
104.244.42.198⁶⁷
104.244.42.2⁶⁸
104.244.43.131⁶⁹
208.54.152.122⁷⁰
208.54.150.98⁷¹
52.236.40.36⁷²
104.18.23.15⁷³
104.26.1.5⁷⁴
172.67.71.43⁷⁵
199.232.93.184⁷⁶
151.101.2.217⁷⁷
199.232.92.81⁷⁸
104.26.0.5⁷⁹
151.101.130.217⁸⁰
151.101.66.217⁸¹
104.26.6.18⁸²
104.18.22.15⁸³
104.26.7.18⁸⁴
104.21.78.132⁸⁵
104.244.42.6⁸⁶
199.232.92.200⁸⁷
20.60.40.36⁸⁸
52.245.40.74⁸⁹
104.244.42.194⁹⁰
199.232.94.110⁹¹
172.67.72.57⁹²
192.229.173.16⁹³
104.244.42.193⁹⁴
208.54.106.98⁹⁵
104.244.42.65⁹⁶
104.244.42.193⁹⁷
151.101.67.52⁹⁸
104.244.42.3⁹⁹
151.101.67.52¹⁰⁰
104.244.42.1¹⁰¹
192.229.173.16¹⁰²
151.101.40.159¹⁰³
104.244.42.11¹⁰⁴
152.199.24.185¹⁰⁵
152.199.24.185This is just # attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cities:
¹
https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/²
https://en.wikipedia.org/wiki/FinFisher⁵
https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on IPs LARGE LIST
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on these IPs LARGE LIST hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
¹
40.115.118.6²
40.115.117.30³ (fast .ly)
151.101.41.184⁴
172.56.140.14⁵
173.194.166.106⁶
173.194.166.106⁷
199.232.92.157⁸ Twitter
104.244.42.66⁹
151.101.190.110¹⁰
138.91.55.166¹¹
192.229.173.16¹² Twitter
104.244.42.139¹³
173.194.166.171¹⁴
152.199.24.185¹⁵
165.254.198.210¹⁶ Fast .ly
151.101.42.2¹⁷ Twitter
104.244.42.70¹⁸ Fast .ly
151.101.40.193¹⁹ Twitter
104.244.42.134²⁰ Fast .ly
151.101.40.84²¹
216.239.34.117²²
104.26.2.192²³
104.26.3.192²⁴
172.67.72.251²⁵
redirect.redhat.com²⁶
192.229.210.163²⁷
172.67.28.154²⁸
104.18.10.19²⁹
104.244.42.69³⁰
944ellb0102-vip01.blackmesh.com³¹
151.101.41.67³² Fast .ly
151.101.40.81³³
104.26.10.153³⁴
151.101.41.188³⁵
104.26.13.149³⁶
104.26.12.149³⁷
63.241.199.113³⁸ Local ISP exploit try ip (private)
192.0.66.2³⁹
162.159.153.4⁴⁰
104.18.16.202⁴¹
104.26.3.29⁴²
104.26.2.29⁴³ NYC Twitter
72.21.91.70⁴⁴ Fast .ly
151.101.2.187⁴⁵ Fast .ly
151.101.66.187⁴⁶
13.86.218.255⁴⁷
209.234.235.188⁴⁸
104.26.15.185⁴⁹
172.67.69.125⁵⁰
52.239.139.228⁵¹
104.17.83.11⁵²
104.17.32.62⁵³
104.244.42.130⁵⁴
20.189.172.0⁵⁵
172.67.222.28⁵⁶
151.101.41.73⁵⁷
13.86.218.248⁵⁸
104.27.203.89⁵⁹
104.16.13.194⁶⁰
104.244.42.133⁶¹
151.101.130.132⁶²
172.67.73.80⁶³
104.26.6.15⁶⁴
104.22.33.123⁶⁵
dns11.quad9.net⁶⁶
104.244.42.198⁶⁷
104.244.42.2⁶⁸
104.244.43.131⁶⁹
208.54.152.122⁷⁰
208.54.150.98⁷¹
52.236.40.36⁷²
104.18.23.15⁷³
104.26.1.5⁷⁴
172.67.71.43⁷⁵
199.232.93.184⁷⁶
151.101.2.217⁷⁷
199.232.92.81⁷⁸
104.26.0.5⁷⁹
151.101.130.217⁸⁰
151.101.66.217⁸¹
104.26.6.18⁸²
104.18.22.15⁸³
104.26.7.18⁸⁴
104.21.78.132⁸⁵
104.244.42.6⁸⁶
199.232.92.200⁸⁷
20.60.40.36⁸⁸
52.245.40.74⁸⁹
104.244.42.194⁹⁰
199.232.94.110⁹¹
172.67.72.57⁹²
192.229.173.16⁹³
104.244.42.193⁹⁴
208.54.106.98⁹⁵
104.244.42.65⁹⁶
104.244.42.193⁹⁷
151.101.67.52⁹⁸
104.244.42.3⁹⁹
151.101.67.52¹⁰⁰
104.244.42.1¹⁰¹
192.229.173.16¹⁰²
151.101.40.159¹⁰³
104.244.42.11¹⁰⁴
152.199.24.185¹⁰⁵
152.199.24.185This is just # attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cities:
¹
https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/²
https://en.wikipedia.org/wiki/FinFisher⁵
https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on IPs LARGE LIST
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on these IPs LARGE LIST hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
¹
40.115.118.6²
40.115.117.30³ (fast .ly)
151.101.41.184⁴
172.56.140.14⁵
173.194.166.106⁶
173.194.166.106⁷
199.232.92.157⁸ Twitter
104.244.42.66⁹
151.101.190.110¹⁰
138.91.55.166¹¹
192.229.173.16¹² Twitter
104.244.42.139¹³
173.194.166.171¹⁴
152.199.24.185¹⁵
165.254.198.210¹⁶ Fast .ly
151.101.42.2¹⁷ Twitter
104.244.42.70¹⁸ Fast .ly
151.101.40.193¹⁹ Twitter
104.244.42.134²⁰ Fast .ly
151.101.40.84²¹
216.239.34.117²²
104.26.2.192²³
104.26.3.192²⁴
172.67.72.251²⁵
redirect.redhat.com²⁶
192.229.210.163²⁷
172.67.28.154²⁸
104.18.10.19²⁹
104.244.42.69³⁰
944ellb0102-vip01.blackmesh.com³¹
151.101.41.67³² Fast .ly
151.101.40.81³³
104.26.10.153³⁴
151.101.41.188³⁵
104.26.13.149³⁶
104.26.12.149³⁷
63.241.199.113³⁸ Local ISP exploit try ip (private)
192.0.66.2³⁹
162.159.153.4⁴⁰
104.18.16.202⁴¹
104.26.3.29⁴²
104.26.2.29⁴³ NYC Twitter
72.21.91.70⁴⁴ Fast .ly
151.101.2.187⁴⁵ Fast .ly
151.101.66.187⁴⁶
13.86.218.255⁴⁷
209.234.235.188⁴⁸
104.26.15.185⁴⁹
172.67.69.125⁵⁰
52.239.139.228⁵¹
104.17.83.11⁵²
104.17.32.62⁵³
104.244.42.130⁵⁴
20.189.172.0⁵⁵
172.67.222.28⁵⁶
151.101.41.73⁵⁷
13.86.218.248⁵⁸
104.27.203.89⁵⁹
104.16.13.194⁶⁰
104.244.42.133⁶¹
151.101.130.132⁶²
172.67.73.80⁶³
104.26.6.15⁶⁴
104.22.33.123⁶⁵
dns11.quad9.net⁶⁶
104.244.42.198⁶⁷
104.244.42.2⁶⁸
104.244.43.131⁶⁹
208.54.152.122⁷⁰
208.54.150.98⁷¹
52.236.40.36⁷²
104.18.23.15⁷³
104.26.1.5⁷⁴
172.67.71.43⁷⁵
199.232.93.184⁷⁶
151.101.2.217⁷⁷
199.232.92.81⁷⁸
104.26.0.5⁷⁹
151.101.130.217⁸⁰
151.101.66.217⁸¹
104.26.6.18⁸²
104.18.22.15⁸³
104.26.7.18⁸⁴
104.21.78.132⁸⁵
104.244.42.6⁸⁶
199.232.92.200⁸⁷
20.60.40.36⁸⁸
52.245.40.74⁸⁹
104.244.42.194⁹⁰
199.232.94.110⁹¹
172.67.72.57⁹²
192.229.173.16⁹³
104.244.42.193⁹⁴
208.54.106.98⁹⁵
104.244.42.65⁹⁶
104.244.42.193⁹⁷
151.101.67.52⁹⁸
104.244.42.3⁹⁹
151.101.67.52¹⁰⁰
104.244.42.1¹⁰¹
192.229.173.16¹⁰²
151.101.40.159¹⁰³
104.244.42.11¹⁰⁴
152.199.24.185¹⁰⁵
152.199.24.185This is just # attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cities:
¹
https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/²
https://en.wikipedia.org/wiki/FinFisher⁵
https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #CloudFront
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on #CloudFront hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
¹
server-18-155-192-115.sfo53.r.cloudfront.net²
65.8.17.126³
65.8.166.214This is just #CloudFront attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cities:
¹
https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/²
https://en.wikipedia.org/wiki/FinFisher⁵
https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #CloudFront
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on #CloudFront hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
¹
server-18-155-192-115.sfo53.r.cloudfront.net²
65.8.17.126³
65.8.166.214This is just #CloudFront attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cities:
¹
https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/²
https://en.wikipedia.org/wiki/FinFisher⁵
https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #CloudFront
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on #CloudFront hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
¹
server-18-155-192-115.sfo53.r.cloudfront.net²
65.8.17.126³
65.8.166.214This is just #CloudFront attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cities:
¹
https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/²
https://en.wikipedia.org/wiki/FinFisher⁵
https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #CloudFront
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on #CloudFront hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
¹
server-18-155-192-115.sfo53.r.cloudfront.net²
65.8.17.126³
65.8.166.214This is just #CloudFront attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cities:
¹
https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/²
https://en.wikipedia.org/wiki/FinFisher⁵
https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #CloudFront
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on #CloudFront hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
¹
server-18-155-192-115.sfo53.r.cloudfront.net²
65.8.17.126³
65.8.166.214This is just #CloudFront attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cities:
¹
https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/²
https://en.wikipedia.org/wiki/FinFisher⁵
https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #akamai
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on #akamai hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
¹
a23-2-76-180.deploy.static.akamaitechnologies.com²
a96-7-153-84.deploy.static.akamaitechnologies.com³
a104-86-4-102.deploy.static.akamaitechnologies.com⁴
a184-31-10-236.deploy.static.akamaitechnologies.com⁵
a96-6-226-157.deploy.static.akamaitechnologies.com⁶
a23-50-34-13.deploy.static.akamaitechnologies.com⁷
a23-15-137-146.deploy.static.akamaitechnologies.com⁸
a23-213-123-78.deploy.static.akamaitechnologies.com⁹
a23-213-123-78.deploy.static.akamaitechnologies.com¹⁰
a23-11-22-101.deploy.static.akamaitechnologies.com¹¹
a23-59-206-230.deploy.static.akamaitechnologies.com¹²
a104-125-55-184.deploy.static.akamaitechnologies.com¹³
a23-78-154-233.deploy.static.akamaitechnologies.com¹⁴
a23-7-132-30.deploy.static.akamaitechnologies.com¹⁵
a104-86-104-224.deploy.static.akamaitechnologies.com¹⁶
a104-122-42-39.deploy.static.akamaitechnologies.com¹⁷
a23-202-60-225.deploy.static.akamaitechnologies.com¹⁸
a104-86-184-250.deploy.static.akamaitechnologies.com¹⁹
a184-51-48-250.deploy.static.akamaitechnologies.com²⁰
a104-121-159-217.deploy.static.akamaitechnologies.com²¹
a104-121-159-225.deploy.static.akamaitechnologies.com²²
a104-84-227-133.deploy.static.akamaitechnologies.com²³
a23-42-151-231.deploy.static.akamaitechnologies.com²⁴
a23-40-167-73.deploy.static.akamaitechnologies.com²⁵
a23-223-16-122.deploy.static.akamaitechnologies.com²⁶
a184-31-10-237.deploy.static.akamaitechnologies.com²⁷
a23-48-32-80.deploy.static.akamaitechnologies.com²⁸
a23-48-32-75.deploy.static.akamaitechnologies.com²⁹
a173-222-162-31.deploy.static.akamaitechnologies.com³⁰
a23-45-32-210.deploy.static.akamaitechnologies.com³¹
a184-30-164-84.deploy.static.akamaitechnologies.com³²
a23-59-200-173.deploy.static.akamaitechnologies.com³³
a23-43-191-224.deploy.static.akamaitechnologies.comThis is just #akamai attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cities:
¹
https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/²
https://en.wikipedia.org/wiki/FinFisher⁵
https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/