#greymarket — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #greymarket, aggregated by home.social.
-
One thing #cryptocurrency has to fear is the #GreyMarket usage of #CALEAMalware in #cybersecurity by dodgy #OfficerProxy under surveillance for #cryptocurrency #theft by another #StateSponsoredMalware family.
#infosec #cryptowallettheft #memecoin
#stopthesteal #cryptocurrency theft by #GammaGroup's #FinSpy #FinSpy #Finsky & #Meta's #GangstalkerForums
#StateSponsoredMalware targeting by installs from the #googleplaystore & #appleappstore -
The more you know about how the #GreyMarket of #CALEA #malware is whitelisted #StateSponsoredMalware™ from #GammaGroup #FinFisher #FinSpy #Finsky which is already installed on 100's of MILLIONS of devices in #AMER already.... the better.
👀
🔬 -
Sure. Depends on the OS.
I focus on Android OS 10, 11 & 12 currently #VirusTota'ing the client #FinFisher, #FinSpy & #finsky & their attaccc proxy servers also.
Android 13, 14, 15 for https://GammaGroup.Com client is on my roadmap this year & into next year though.
I've been super busy on other projects since this one is very charity work oriented in #infosec of #CALEA & #GreyMarket #CALEA software.
Occasionally I also post about #NSOGroup since they are a competitor to GammaGroup in the UK.
#StateSponsoredMalware
#WhitelistedMalware
#LawfulIntercept
#UnlawfulIntercept
#investigations -
In the future the 1975 Church Committee hearings will replay in the 2020's and the findings will prove to be even worse in public hearings especially when the domestic #AMER from #Meta's #GangStalker forum #databreach hits the front pages of the domestic / international #news with the same response as per Meta usual.
#CALEA ☣️🔍👀 #Malware #audits ☣️🔍👀
#RTDNA #TorturePrograms #Meta ☣️ #StateSponsoredMalware ☣️ #CALEAMalware ☣️ #GreyMarket ☣️ #investigations ☣️ 🔍👀👀
Don't forget the ♻️📨📥📲 #HistoryLoops #APnews 🔍👀👀
-
CW: #bizdev idea for free #infosec
🔮Someone should make a web site that, like haveibeenpwnd .com lets you know :
☣️🔎 DoIHaveSSM . Com 🔍☣️
🔮 It would be popular also. 👮👮‍♀️👮‍♂️
This seems like a @citizenlab 🤝 @eff 🤝 @epicprivacy @briankrebs kinda run web site idea though.
Hmm... Maybe Steve at #GRC could host?
#GammaGroup #FinFisher #FinSpy #Finsky #GreyMarket #investigations
-
When they remove #GammaGroup's #FinFisher #FinSpy #Finsky from the #GooglePlayStore & #AppleAppStore do you think #TheFacebook's user acquisitions team will see a Marked Drop in #DAU, #MAU & #DAP in their 10k filings?
#SocialMedia
#FreeWebHostingCulture
#FraudPlatforms
#FinancialCrimePlatforms
#OrganicNegativeGrowthPlatforms
#SiliconValley #California #CALEAmalware #CALEA #GreyMarket #malware platform #infosec #investigations -
Wouldn't it be #weird when they find out that #GammaGroup's #FinFisher #FinSpy Finsky was found to be responsible for the ' #spying ' & #financial crimes & #miniWatergate break in's coordinated on #Meta since it's installed on 100's of Millions of clients... or nah?
#infosec #StateSponsoredMalware #CALEAmalware #CALEA #GreyMarket #investigatons 🔍🧐
-
CW: #StateSponsoredMalware is a #PlantationMindset
.
#StateSponsoredMalware
is a #PlantationMindset
We are NOT going back.
YOU _ARE_ REVIEWABLE.
#GammaGroup #FinFisher
#FinSpy #Finsky #CALEAmalware #malware
#GreyMarket #infosec
License & Registration
#investigation -
Luckily.... 📡🛰️'s exist for 🚪👀 monitoring regardless of the #COPSProgram🤝#COINTELPRO type #MiniWaterGate's' type incidents perpetrators being remediated by #audits of #Meta's #GangStalking #FreeWebHostingCulture of #fraud
keeping the ' bad apples ' in check.... MmHmm.
#infosec #StateSponsoredMalware #GreyMarket #CALEAmalware #malware #investigations #FakeFacebookProfiles #Meta #BusinessModelsExposed #fraud at #Meta 🔍🧐
-
People should wonder how much #GreyMarket #StateSponsoredMalware made them #homeless in #California 🔍🧐 during the #pandemic.
#infosec #statesponsoredthreatactors #Meta #HousingIsKey #Atlassian #hacking #fraud #FreeWebHostingCulture #investigations #🔍🧐
-
CW: Interesting #CALEA #GreyMarket usage of #StateSponsoredMalware™ key capabilities & logged attributes
One of the key attributes of #StateSponsoredMalware™ from #GammaGroup's #FinFisher #FinSpy #Finsky is understanding that it is a shim based mish mash of resident files that point to different parts of the other background services running.
Some are replaced stock system files modified to look like and are named the same as the original but are supplemented with additional API's that call the multiple shims that has as its main goal of getting complete persistence on your systems if it has not done so already.
🚩🚩🚩🚩One first sign is the battery drain this software uses. It has a weird side effect of NOT logging in this battery usage like normal applications and system. 🚩🚩🚩🚩
⚠️🚨⚠️🚨⚠️🚨⚠️ 🚨⚠️🚨⚠️🚨
This BATTERY DRAIN is a HUGE
first indicator of compromise.
⚠️🚨⚠️🚨⚠️🚨⚠️🚨⚠️🚨⚠️🚨
Second is checking the BACKGROUND programs running list. There are SEVERAL background programs that indicates you have been compromised by GammaGroup's software, especially on #Android , #IOS, #MacOS, #Windows, & #Linux.
There are attaccc features also which spread, from a library of PNGs with URL arrays embedded to their #malware services that launch attaccc's based on certain PSTN calls, web browsing & also MMS & SMS interactions.
For example, receiving an SMS or MMS can activate things on your computer or wireless device to do things like start a running process shim like start or restart specific services.
There is also a #MITM #ForcedMDM & #proxying ability to use your end point as an attaccc node completely behind the scenes without your intervention or knowledge unless you are logging your traffic which also could be bypassed also as has been seen previously. That is on purpose.
Continued..... #infosec #GreyMarket #CALEA #malware #investigations #RTDNA ☣️🔍🧐
-
The exposure of web1 types to web2 and web3 does great things transparently and reviewable when megapedosites fail in public for accountability sake. Always plays out in court to their overwhelming loser mentality with their own fraud data used against them publicly. ⚖️
#infosec #fraud #pedophile #malware #GreyMarket #statesponsoredmalware #CALEA #investigations ☣️🔍🧐
-
A thread on the #Southport riots misinfo and the incentives driving the platform digital asset market that played a role in one of the sites that legitimized it.
https://threadreaderapp.com/thread/1822244897635577857.html
#OSINT #misinformation #UK #socialMedia #platforms #hacking #engagementFarming #greyMarket
-
Woo! 3 more #GammaGroup #FinFisher #FinSpy #Finsky #StateSponsoredMalware attaccc nodes to review today!
Two on BunnyNet and a NEW one from wikipedia!
Very productive day today!!!
👀
🔬
☣️ -
New #GammaGroup #AWS containerized #GammaGroup #FinFisher #FinSpy #Finsky attack host found using #SystemApp callback shim.
Never been scanned as a host, ever, also.
Host:
ec2-52-37-203-8.us-west-2.compute.amazonaws.com
#VirusTotal
https://www.virustotal.com/graph/embed/g1a2179975209400f884fc19b605977c20adc5a26b0f34a108b39b13f9f76db17
#CALEAmalware #CALEA #GreyMarket #RTDNA #investigations #BadApples #infosec
-
#GammaGroup #FinFisher #FinSpy #Finsky #StateSponsoredMalware™ ✓ #CALEAmalware #CALEA #GreyMarket #investigations #RTDNA #infosec #news 🥱
Attack node logged today #Google
Interesting notes today :
¹ Hasn't been scanned in 3+yrs
#SystemApp callback
Host : sfo03s18-in-f10.1e100.net
#VirusTotal
https://www.virustotal.com/graph/embed/g44b239796e0543318a1e653870385ef88f433e6ac1df427c8fa9f0ae77205592 -
It's a good thing they are getting to the root cause, malware🤝homelessness🤝malware caused homelessness, because tipping the scales to __make people homeless with malware__ is a huuuuuge story, init? 🔍👀👀
#RTDNA #malware #homelessness #malwarecausedhomelessness #investigations #news #StateSponsoredMalware™✓ #GreyMarket #investigations #Meta
-
CW: #Twitter update : #malware🤝#infosec - Twitter❄️🤝 #uspol news 🤝 #racists
So went to check on #Twitter today...
Ohhhh what a meltdown over there in the alt-Reich ❄️ flake land after the #uspol announcement today.
¹ The racists were out in force outing themselves, again, 💯
² The Zero Posting bots were out doing the usual, following anything to pump up the number of accounts
³ Increasing calls for violence against the opposite side of the aisle
⁴ Documented another Twitter IP big ole #malware node with #GammaGroup's #FinFisher #FinSpy I had Documented before as a phishing and malware spreader node
Fun times? Nah. Lame. ¯\_(ツ)_/¯
⁵ Added a old meme about Twitter
❄️🤝🙅‍♂️🤝📰 Cites as a meme. 😂
Still funny. 💯🤗
#malware #Twitter #GammaGroup #FinFisher #FinSpy #Finsky #CALEAmalware #CALEA #GreyMarket #investigations #RTNDA #infosec #NotNews #news
#VirusTotal
https://www.virustotal.com/graph/embed/gf0be0cd0d37649978bdd57e864701bfa3dfda586734141b7b1b3a5ded46fa3ad -
Suddenly this is starting to look like a #GammaGroup #FinFisher #FinSpy map kinda map of the #GreyMarket #CALEA #investigations locations. /$☣️ 🔍🧐
Suggest .kml MAP overlay with the current data set. 🇷🇺☣️🔍🧐
-
#GammaGroup #FinFisher #FinSpy #SystemApp callback caught #CALEA #malware #GreyMarket #investigations
💻🤝☣️🤝🤳 🎣🔍🧐
on #BunnyNet's CDN from #DataPacket
Interesting vectors... Quite the pointers this scan. Was scanned last 1yr ago. Showed up as malicious. Scans clean now except for the #malware found as a #GammaGroup shim caught nao. 🎣
Caught a bit o' Meta also in the callback graph. Huh.
#VirusTotal
https://www.virustotal.com/graph/embed/g7ee0dd48fe8e4dbbaf440955ee7bfbf57af12ca1c14543e08671f514fafb75be -
☣️ #StateSponsoredMalware™✓ #SSM™ ✓ #GammaGroup's ☣️ 🦈#FinFisher 🦈☣️ #FinSpy 🦈 ☣️ #Finsky
Closed web site by #germany prosecutors' https:// finfisher . com for licensing violations.
-
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on IPs LARGE LIST
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on these IPs LARGE LIST hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
This is just # attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cites:
¹ https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/
² https://en.wikipedia.org/wiki/FinFisher
⁵ https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #CloudFront
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on #CloudFront hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
¹ server-18-155-192-115.sfo53.r.cloudfront.net
² 65.8.17.126
³ 65.8.166.214
This is just #CloudFront attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cites:
¹ https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/
² https://en.wikipedia.org/wiki/FinFisher
⁵ https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #akamai
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on #akamai hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
This is just #akamai attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cites:
¹ https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/
² https://en.wikipedia.org/wiki/FinFisher
⁵ https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: LARGE List of #GammaGroup #FinFisher #FinSpy hosts #GreyMarket #CALEAmalware #CALEA #investigations
Aggregation of my #GammaGroup #FinFisher attaccc nodes logged for the past 2+yrs. #RTDNA #CALEA #GreyMarket #malware #licensing #investigations ☣️🔍🧐 #infosec
¹ #BunnyCDN / #DataPacket
https://infosec.exchange/@infosec_jcp/112719219876040798
² #AWS in #AMER & #EU
https://infosec.exchange/@infosec_jcp/112724625585749421
³ #Google
https://infosec.exchange/@infosec_jcp/112724771286452381
⁴ #Akamai
https://infosec.exchange/@infosec_jcp/112724939254649507
⁵ #CloudFront
https://infosec.exchange/@infosec_jcp/112725394617753232
⁶ #FastLy #Twitter & Misc IPs ( LARGE LIST )
https://infosec.exchange/@infosec_jcp/112725566169727889
@eff
@[email protected]
@[email protected]
@aclu
@unofficial_aclu
@acluva -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #Google
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER on #Google hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
This is just #Google attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cites:
¹ https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/
² https://en.wikipedia.org/wiki/FinFisher
⁵ https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #AWS
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #AMER & #EU on #AWS hosting since November 2022ish for #Prosecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
This is just #AWS attaccc nodes for the past two years I have logged as #FinFisher shims/proxies/nodes. Every single one of these tried a MITM attaccc & multiple other OTS exploits. They were blocked and logged.
Cites:
¹ https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/
² https://en.wikipedia.org/wiki/FinFisher
⁵ https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #BunnyNet via #DataPacket
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #Germany on the CDN #DataPacket hosting the #BunnyNet since November 2022ish for #GermanProsecutors to correlate.
#FinFisherCom🤝#EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware 🔍🧐#infosec
Cites:
¹ https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/
² https://en.wikipedia.org/wiki/FinFisher
⁵ https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/ -
One common thing #StateSponsoredMalware™ from #GammaGroup . Com's #FinFisher #FinSpy #Finsky does is a downgrade attack on your encryption by using older protocols that are already compromised and also using port 80 over port 443 on web browsers at logins as well as replacing and utilizing different certificates with lower bits and easily broken ciphers so that you still have a green lock on your browser.
Libraries of overlay icons have also been found to overlay and replace icons on each os also mimicking icons that make you think you are using ' secure ' settings also for common programs for communications.
This software is commonly used for investigation purposes but it's been seen also primarily used as a financial crime tool in the South Eastern United States in Red States attacking Blue States since 2015 when its source code was hacked.
#infosec #SSM™ #GammaGroup #FinFisher #FinSpy #Finsky #CALEA #CALEAmalware™ #greymarket #financialcrimes #investigations #ForcedMDM #MITM
-
🔎☣️ The amount of exploited #BunnyNet hosts on #DataPacket has increased which hosts a lot of the #fediverse. #Germany ☣️🔍
#GammaGroup #FinFisher #fediverse #FinSpy #Finsky #CALEA #GreyMarket #investigations #infosec